|
||||||||||||||||||
|
||||||||||||||||||
About Public Key InfrastructureA PKI is an automated system that manages the generation, maintenance, and delivery of encryption and digital signature keys. Together, encryption and digital signature keys provide:
Both key types encryption and digital signature have two related components: a public key component that is accessible to all users, and a private-key component that must be secured from access by others. The public key and other identification information is stored in a digital certificate that is digitally signed by a Certification Authority (CA). The CA's digital signature on the digital certificate binds the identity of the end-entity with its public key. It also guarantees that the public key has not been tampered with. To create a level of assurance or trust in the CA, certain policies and procedures must be followed. One of the main issues is the registration process, which involves how a client is identified and authenticated before a digital certificate is issued. Certification Policy (CP) There are two CPs connected to this CA:
Prior to using the CRA PKI application, the participant must be fully conversant with the subscriber obligations and responsibilities contained in the CRA Certificate Policy. |
||||||||||||||||||
|