cnspp-ch14-AuthenticationApplications.pptVIP

* Stallings Fig 14-1. Discuss in relation to Table 14-1 which details message exchanges. * Stallings Fig 14-1. Discuss in relation to Table 14-1 which details message exchanges. * Stallings Fig 14-1. Discuss in relation to Table 14-1 which details message exchanges. * X.509 is the Internationally accepted standard for how to construct a public key certificate, and is becoming widely used. It has gone through several versions. It is used by S/MIME secure email, SSL/TLS secure Internet links (eg for secure web). * X.509 is the Internationally accepted standard for how to construct a public key certificate, and is becoming widely used. It has gone through several versions. It is used by S/MIME secure email, SSL/TLS secure Internet links (eg for secure web). * The X.509 certificate is the heart of the standard. There are 3 versions, with successively more info in the certificate - must be v2 if either unique identifier field exists, must be v3 if any extensions are used. * The X.509 certificate is the heart of the standard. There are 3 versions, with successively more info in the certificate - must be v2 if either unique identifier field exists, must be v3 if any extensions are used. * Stallings Fig 14-3. * All very easy is both parties use the same CA. If not, then there has to be some means to form a chain of certifications between the CAs used by the two parties. And that raises issues about whether the CAs are equivalent, whether they used the same policies to generate their certificates, and how much youre going to trust a CA at some remove from your own. These are all open issues. * Stallings Fig 14-4. Track chains of certificates: A acquires B certificate using chain: XWWVVYYZZB B acquires A certificate using chain: ZYYVVWWXXA * The X.509 standard specifies the authentication protocols that can be used when obtaining and using certificates. 1-way for unidirectional messages (like email), 2-way for interactive sessions when timestamps are used, 3-way for int