PKIX - MANDATORY SCHEMES

• RA/CA MUST SUPPORT BOTH SCHEMES

• END-ENTITY MUST SUPPORT ONE OF THE SCHEMES

• CENTRALISED SCHEME
  • initiation at CA
  • no on-line message authentication
  • key generation at CA
  • no confirmation
    

• BASIC AUTHENTICATED SCHEME
  • initiation at End Entity
  • on-line message authentication
  • key generation at End-Entity
  • confirmation required

Previous slide

Next slide

Back to first slide

View graphic version