The main stages of key/certificate management include: - Initialization; Issued;Cancellation, This includes registration, key pair generation, certificate creation and certificate/key distribution, certificate dissemination, and key backup. - Initialization, This includes certificate retrieval, certificate validation, key recovery and key update. - Issued, This includes certificate expiration, certificate revocation, key history and key archiving. - Cancellation, Certificates receive a period of ________ designation (timeframe the cert is valid and should be trusted) at creation via a start and end date or expiration date. - validity, There are also instances where a certificate needs to moved to an invalid/untrusted state (________) prior to the original expiration date. - revoked, ▪ Issuing CA was compromised ▪ Certificate affiliation has changed ▪ The cert itself was compromised ▪ Certificate has been updated or superseded - Some reasons warranting having a cert revoked include but are not limited to:, RFC 5280 thus defines “Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile”, and includes two main states for revocation: - Revoked & On Hold, The CRL must be published by the ___ who originally generated the targeted certificates and is only valid for a given amount of time (which is typically less than 24 hours). - CA, CRLs are signed by the ___. - CA, CRL's are signed by the ______ key of the CA, - private, CRL's are checked against its _______ key (which is stored in a root certificate folder or preinstalled within a Web browser). - public, An alternative to CRL is to use ___________ an online service used to check the validity of a certificate. - Online Certificate Status Protocol (OCSP),,

D334-Chapter 6 Certificate Management Recap

by
Embed

Leaderboard

Flash cards is an open-ended template. It does not generate scores for a leaderboard.

Visual style

Options

Switch template

Continue editing: ?