Term
|
Definition
Certificate authority or CA
The highest-level authority in the certificate hierarchy, responsible for issuing and signing certificates to subordinate CAs.
This CA's security is especially crucial, and the CA is commonly taken offline to prevent a compromise. |
|
|
Term
|
Definition
Certificate authority or CA
An intermediate authority that operates under a root CA, issuing and signing digital certificates.
These intermediate CAs are sometimes referred to as issuing CAs. In these instances, they will issue all certificates lower than the root CA in the PKI hierarchy. |
|
|
Term
|
Definition
Certificate authority or CA
An independent CA that issues and manages certificates, doesn't rely on a hierarchical structure, and is typically used in smaller or isolated environments. |
|
|
Term
|
Definition
Certificate authority or CA
A CA used within an organization's internal network to issue certificates, with the authority not trusted outside the organization. |
|
|
Term
|
Definition
Certificate authority or CA
A trusted entity or authority whose digital signature and public key are accepted as a foundation of trust in the PKI hierarchy. |
|
|
Term
|
Definition
Certificate authority or CA
A CA used for issuing certificates to entities publicly, with the authority being trusted globally. |
|
|
Term
|
Definition
Certificate authority or CA
A CA that is integrated into an organization's network and issues and manages certificates for internal use. |
|
|
Term
|
Definition
An electronic document issued by a trusted authority, or Certificate Authority (CA), that binds a public key to an individual, device, or service.
These documents serve as a means of authentication and encryption for secure communications, digital signatures, and access control. |
|
|
Term
Certificate Signing Request (CSR) |
|
Definition
A formal request generated by an entity, such as an organization or user, to request a digital certificate from a CA.
A BLANK can be sent to an internal or external CA. |
|
|
Term
Certificate Revocation List (CRL) |
|
Definition
A dynamically updated list maintained by a CA containing serial numbers of certificates that have been revoked or are invalid before expiry.
This provides verification and trustworthiness of the certificate.
This is an older, resource-intensive method for determining whether a certificate is valid or revoked. |
|
|
Term
Online Certificate Status Protocol (OCSP) |
|
Definition
A real-time network protocol used to check the validity and revocation status of certificates.
This provides verification and trustworthiness of the certificate.
An alternative method for determining whether a certificate is valid or revoked. |
|
|
Term
|
Definition
A server that processes OCSP requests (certificate validity check requests).
This provides quick, real-time responses on the validity and revocation status of certificates.
Less resource-intensive, with great efficiency. |
|
|
Term
|
Definition
The process of storing a copy of cryptographic keys with a trusted third party.
This is commonly done for recovery or backup purposes in case the original key is lost or compromised. |
|
|