PPT Slide

PKIX - MODEL ENTITIES

• CERTIFICATION AUTHORITY (CA)
  • Produces certificates
  • Produces certificate revocation lists

• REGISTRATION AUTHORITY (RA)
  • optional entity - functionality could be subsumed into a CA- if exists could perform, for example:
    • user authentication
    • token distribution
    • key generation
    • revocation reporting
    • archiving of key pairs
  • model views RA as a special case of an EE

• TIME STAMPING SERVICE

• DIRECTORY

• END ENTITY (EE) ( ~ ”subject”)

• OPERATIONS/MESSAGES
  • In general a PKI “operation” consists of a request message and a response message

• PERSONAL SECURITY ENVIRONMENT (PSE)
  • local trusted storage at EE (e.g. PC Card)

Previous slide

Next slide

Back to first slide

View graphic version