description-pki.htm

The Open–source PKI Book Version 2.4.6 Edition Copyright &copy 1999, 2000 by Symeon (Simos) Xenite

<HTML
><HEAD
><TITLE
>Basic functionality of a Public Key Infrastructure[TODO]</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.55"><LINK
REL="HOME"
TITLE="The Open&#8211;source PKI Book"
HREF="ospki-book.htm"><LINK
REL="PREVIOUS"
TITLE="Certification Authority"
HREF="ca.htm"><LINK
REL="NEXT"
TITLE="Signing of the certificate request by the Certification Authority"
HREF="x161.htm"></HEAD
><BODY
CLASS="CHAPTER"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>The Open&#8211;source PKI Book: A guide to PKIs and Open&#8211;source Implementations</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="ca.htm"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="x161.htm"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="CHAPTER"
><H1
><A
NAME="DESCRIPTION-PKI"
>Chapter 3. Basic functionality of a Public Key Infrastructure[TODO]</A
></H1
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
><A
HREF="description-pki.htm#AEN156"
>Creation of the key&#8211;pair and the certificate request</A
></DT
><DT
><A
HREF="x161.htm"
>Signing of the certificate request by the Certification Authority</A
></DT
><DT
><A
HREF="x164.htm"
>Certification Authority chains</A
></DT
><DT
><A
HREF="x169.htm"
>Typical uses of public key cryptography</A
></DT
></DL
></DIV
><P
>    Alice wants to communicate securely with Bob.
    In essence, this means that Alice does not want someone else to listen to 
    the conversation, wants the information sent to Bob not to be altered on 
    their way to him and finally she would possibly like a mechanism to prove
    that she had this conversation, in case, for some reason, claim he did not.
    We shall describe all the steps necessary to establish
    communication using the Certification Authority.
  </P
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN156"
>Creation of the key&#8211;pair and the certificate request</A
></H1
><P
>	Alice creates a public/private key pair using
	a public key algorithm like <SPAN
CLASS="ACRONYM"
>RSA</SPAN
>.
	Then, she creates a certificate request,
	which is the Certificate just prior to signing by the 
	Certification Authority. First, the certificate request contains
	information about the identity of the user, such as the
	name, address, telephone number and e&#8211;mail address. 
	Second, it contains her public key. Certificates
	can be used to authenticate not only people but also
	entities in general, such as a WWW server or a network device.
	In the latter case, the information in the Certificate would be the
	<SPAN
CLASS="ACRONYM"
>URL</SPAN
> of the WWW server, the WWW Administrator 
	details, and so on.   
  </P
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="ca.htm"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="ospki-book.htm"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="x161.htm"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Certification Authority</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Signing of the certificate request by the Certification Authority</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>