The main stages of key/certificate management include: - Initialization; Issued;Cancellation, This includes registration, key pair generation, certificate creation and certificate/key distribution, certificate dissemination, and key backup. - Initialization, This includes certificate retrieval, certificate validation, key recovery and key update. - Issued, This includes certificate expiration, certificate revocation, key history and key archiving. - Cancellation, Certificates receive a period of ________ designation (timeframe the cert is valid and should be trusted) at creation via a start and end date or expiration date. - validity, There are also instances where a certificate needs to moved to an invalid/untrusted state (________) prior to the original expiration date. - revoked, ▪ Issuing CA was compromised ▪ Certificate affiliation has changed ▪ The cert itself was compromised ▪ Certificate has been updated or superseded - Some reasons warranting having a cert revoked include but are not limited to:, RFC 5280 thus defines “Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile”, and includes two main states for revocation: - Revoked & On Hold, The CRL must be published by the ___ who originally generated the targeted certificates and is only valid for a given amount of time (which is typically less than 24 hours). - CA, CRLs are signed by the ___. - CA, CRL's are signed by the ______ key of the CA, - private, CRL's are checked against its _______ key (which is stored in a root certificate folder or preinstalled within a Web browser). - public, An alternative to CRL is to use ___________ an online service used to check the validity of a certificate. - Online Certificate Status Protocol (OCSP),,

D334-Chapter 6 Certificate Management Recap

bởi
Nhúng

Bảng xếp hạng

Thẻ thông tin là một mẫu kết thúc mở. Mẫu này không tạo điểm số cho bảng xếp hạng.

Phong cách trực quan

Tùy chọn

Chuyển đổi mẫu

Bạn có muốn khôi phục tự động lưu: không?