PKI入门

Public Key Infrastructure 公钥基础设施 Digital Certificate Concept 数字证书概念 Digital Certificate Concept 数字证书概念 Digital Certificate 数字证书 Digital version of a paper-based passport 是纸质护照的数字版本 Identifies a person/organization uniquely on the Internet 在Internet上唯一标识一个人或组织 Binds a user with its public key 将一个用户和他自己的公钥绑在一起 Digital Certificate Contents 数字证书内容 Main contents are the subject name (user), validity and public key 主要的内容是主体名(用户)的合法性和公钥 Signed by a Certification Authority (CA) 由认证中心(CA)签发 Provides guarantees about a user’s identity 为用户身份提供了保证 Digital Certificate Example 数字证书举例 Digital Certificate Example 数字证书举例 Similarities between a Passport and a Digital Certificate 数字证书和护照的比较 Certification Authority(CA) 证书机构 Certification Authority(CA)of China 中国的证书机构 Certification Authority(CA)of China 中国的证书机构 Certification Authority(CA)of China 中国的证书机构 Technical Detail of Digital Certificate 数字证书技术细节 Digital Certificate Contents V1 数字证书内容V1版本 Digital Certificate Contents V3 数字证书内容V3版本 Digital Certificate Contents V3 数字证书内容V3版本 X.509 Registration Authority (RA) 注册中心 Takes some load off a CA 分担CA的部分工作负担 Acts on behalf of a CA 代表CA起作用 Takes upon some of the tasks of the CA 承担CA的部分工作 Registration Authority (RA) 注册中心 Services provided by RA 注册中心提供的服务 Digital Certificate Creation 数字证书生成 Key generation 密钥生成 Registration 注册 Verification 验证 Certificate creation 证书生成 Digital Certificate Request 数字证书请求 Digital Certificate Contents 数字证书内容 Digital Certificate: Readability 数字证书:可读性 Digital Certificate Signed by CA CA签发的数字证书 The principle of a digital signiture 数字签名的原理 How does the CA sign a digital certificate CA如何签名数字证书 How can we verify a digital certificate 我们如何验证数字证书 CA Hierarchy CA的层次 There can be multiple level CAs 可能存在多层CA Useful for delegation of work 可用于委托工作 Each higher level CA vouches for its subordinate CA 每一高层CA担保其下属CA CA Hierarchy CA的层次 Same Root CA 相同的根CA How to Verify Root CA? 怎样验证根CA Verifying Root CA 验证根CA Who signs for Root CA? 谁为

文档评论(0)

1亿VIP精品文档

相关文档