Friday, May 25, 2012

Public Key Infrastructure (Digital Cert)


In cryptography, a public key certificate (also known as a digital certificate or identity certificate) is an electronic document which uses a digital signature to bind a public key with an identity — information such as the name of a person or an organization, their address, and so forth. The certificate can be used to verify that a public key belongs to an individual.

In a typical public key infrastructure (PKI) scheme, the signature will be of a certificate authority (CA). In a web of trust scheme, the signature is of either the user (a self-signed certificate) or other users ("endorsements"). In either case, the signatures on a certificate are attestations by the certificate signer that the identity information and the public key belong together.

For provable security, this reliance on something external to the system means that any public key certification scheme has to rely on some special setup assumption, such as the existence of a certificate authority.

Certificates can be created for Unix-based servers with tools such as OpenSSL's ca command or SuSE's gensslcert. These can issue unmanaged certificates and Certification Authority (CA) certificates for managing other certificates, create user and/or computer certificate requests to be signed by the CA, and perform a number of other certificate-related functions.

Similarly, Microsoft Windows 2000 Server and Windows Server 2003 contain a Certification Authority (CA) as part of Certificate Services for the creation of digital certificates. In Windows Server 2008 the CA may be installed as part of Active Directory Certificate Services. The CA is used to manage and centrally issue certificates to users and/or computers. Microsoft also provides a number of different certificate utilities, such as SelfSSL.exe for creating unmanaged certificates, Certreq.exe for creating and submitting certificate requests to be signed by the CA, and certutil.exe for a number of other certificate-related functions.
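
As an added example (not part of the original post), the script below shows the binding described above with the OpenSSL command line: a throwaway CA signs a certificate, and verification succeeds only against that CA. It assumes the `openssl` tool is installed, uses `openssl req`, `x509` and `verify` rather than the `ca` command so that no CA database is needed, and all names (`Example Test CA`, `www.example.test`) are constructed.

```shell
#!/bin/sh
# Added example: throwaway CA -> issued certificate -> verification.
# All subject names and file names are constructed for illustration.
pki_demo_dir=$(mktemp -d)
trap 'rm -rf "$pki_demo_dir"' EXIT

make_ca() {
    # $1 = CA name. A self-signed root is the trust anchor: nothing vouches
    # for it except the verifier's decision to trust it.
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/O=Example Test CA/CN=$1" \
        -keyout "$pki_demo_dir/$1.key" -out "$pki_demo_dir/$1.crt" 2>/dev/null
}

issue_cert() {
    # $1 = CA name, $2 = subject name.
    # The subject creates a key pair and a signing request (CSR);
    # the CA signs the CSR, binding the subject name to the public key.
    openssl req -newkey rsa:2048 -nodes -subj "/O=Example Org/CN=$2" \
        -keyout "$pki_demo_dir/$2.key" -out "$pki_demo_dir/$2.csr" 2>/dev/null &&
    openssl x509 -req -in "$pki_demo_dir/$2.csr" -days 1 \
        -CA "$pki_demo_dir/$1.crt" -CAkey "$pki_demo_dir/$1.key" \
        -CAcreateserial -out "$pki_demo_dir/$2.crt" 2>/dev/null
}

verify_cert() {
    # $1 = trusted CA name, $2 = subject name.
    # Exit status 0 only if the certificate's signature chains to that CA.
    openssl verify -CAfile "$pki_demo_dir/$1.crt" \
        "$pki_demo_dir/$2.crt" >/dev/null 2>&1
}

key_matches_cert() {
    # $1 = subject name. Compare the public key inside the certificate
    # with the one derived from the subject's private key.
    cert_pub=$(openssl x509 -in "$pki_demo_dir/$1.crt" -noout -pubkey)
    key_pub=$(openssl pkey -in "$pki_demo_dir/$1.key" -pubout)
    [ "$cert_pub" = "$key_pub" ]
}

# Demo run: two unrelated CAs, one certificate issued by the first.
make_ca root && make_ca other && issue_cert root www.example.test
openssl x509 -in "$pki_demo_dir/www.example.test.crt" -noout -subject -issuer
verify_cert root www.example.test && echo "chains to 'root': yes"
verify_cert other www.example.test || echo "chains to 'other': no"
key_matches_cert www.example.test && echo "certificate carries the subject's key: yes"
```

The second check fails because the verifier trusts only the CA it was given; the certificate itself is unchanged.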

6 comments:

  1. This post is very interesting and easy to understand. I have learned a lot about how Public Key Infrastructure works from your post. The examples u gave on Public Key Infrastructure are quite less. Hence, I would suggest that maybe you can give more examples on how Public Key Infrastructure can help us. You can also elaborate more on what Public-Key infrastructure is so that readers like myself will be able to understand more. Also, maybe you can add pictures or videos to let readers like myself have an even better and clearer knowledge on what Public-key infrastructure is all about.

  2. This post is very detailed and easy to understand. I have a better understanding about Public key infrastructure by reading ur post. Like public key certificate (also known as a digital certificate or identity certificate) is an electronic document which uses a digital signature to bind a public key with an identity.
    And you explained some software that contains a certification authority as part of Certificate services.
    Very good post, detailed and well explained. Keep it up.

  3. Good post on public key infrastructure but you lack examples. Also, I would like to correct CHAN YG's statement. He said, "The examples u gave on Public Key Infrastructure are quite less". It should actually be the examples are little or insufficient. It's also good that you explained some software. Good effort!

  4. Hello! My name is William! Good post regarding your public key infrastructure (PKI). Thanks to your blog, I am certainly getting into director's list due to my INKS results. However, it is a bit boring because there are no pictures... Goodbye!

  5. I have understood Public key infrastructure a lot better thanks to your post. It is well explained but it lacks examples to allow even better understanding.

  6. This post is very interesting and easy to understand. I have learned a lot about how Public Key Infrastructure works from your post. The examples u gave on Public Key Infrastructure are quite less. Hence, I would suggest that maybe you can give more examples on how Public Key Infrastructure can help us. You can also elaborate more on what Public-Key infrastructure is so that readers like myself will be able to understand more. Also, maybe you can add pictures or videos to let readers like myself have an even better and clearer knowledge on what Public-key infrastructure is all about.
