📄 implementation-overview.htm
字号:
<HTML><HEAD><TITLE>General implementation overview</TITLE><METANAME="GENERATOR"CONTENT="Modular DocBook HTML Stylesheet Version 1.55"><LINKREL="HOME"TITLE="The Open–source PKI Book"HREF="ospki-book.htm"><LINKREL="PREVIOUS"TITLE="Typical uses of public key cryptography"HREF="x169.htm"><LINKREL="NEXT"TITLE="Initialisation of the Certification Authority"HREF="initialisation.htm"></HEAD><BODYCLASS="CHAPTER"BGCOLOR="#FFFFFF"TEXT="#000000"LINK="#0000FF"VLINK="#840084"ALINK="#0000FF"><DIVCLASS="NAVHEADER"><TABLEWIDTH="100%"BORDER="0"CELLPADDING="0"CELLSPACING="0"><TR><THCOLSPAN="3"ALIGN="center">The Open–source PKI Book: A guide to PKIs and Open–source Implementations</TH></TR><TR><TDWIDTH="10%"ALIGN="left"VALIGN="bottom"><AHREF="x169.htm">Prev</A></TD><TDWIDTH="80%"ALIGN="center"VALIGN="bottom"></TD><TDWIDTH="10%"ALIGN="right"VALIGN="bottom"><AHREF="initialisation.htm">Next</A></TD></TR></TABLE><HRALIGN="LEFT"WIDTH="100%"></DIV><DIVCLASS="CHAPTER"><H1><ANAME="IMPLEMENTATION-OVERVIEW">Chapter 4. General implementation overview</A></H1><DIVCLASS="TOC"><DL><DT><B>Table of Contents</B></DT><DT><AHREF="implementation-overview.htm#SOFTWAREPREREQUISITES">Prerequisites</A></DT><DT><AHREF="initialisation.htm">Initialisation of the Certification Authority</A></DT><DT><AHREF="keygensign.htm">User/Server key generation and signing</A></DT></DL></DIV><P> We give a technical overview of the processes of creating a certificate and operating a Certification Authority. </P><DIVCLASS="SECT1"><H1CLASS="SECT1"><ANAME="SOFTWAREPREREQUISITES">Prerequisites</A></H1><P> We shall discuss here the software needed to create a usable Certification Authority. </P><DIVCLASS="SECT2"><H2CLASS="SECT2"><ANAME="USEFUL-SOFTWARE">Useful open–source software</A></H2><P> The following software can provide the collective functionality of a Certification Authority. <P></P><UL><LI><P> For the Certification Authority Server, any operating system can be used. In case it communicates manually with the Registration Authority (for example, data files are transfered using a floppy disk), it does not even need to have network support. However, it is recommended to use operating systems that provide some sort of assurance of its stability and can have irrelevant system or network services easily removed. We recommend <SPANCLASS="TRADEMARK">Unix</SPAN>™ or <SPANCLASS="TRADEMARK">Unix</SPAN>™–like operating systems. </P></LI><LI><P>SSL/TLS software</P></LI><LI><P>WWW server with SSL/TLS support</P></LI><LI><P>LDAP server</P></LI><LI><P>Text/Graphical Interface, possibly in Java/HTML</P></LI></UL> </P><DIVCLASS="NOTE"><P></P><TABLECLASS="NOTE"WIDTH="100%"BORDER="0"><TR><TDWIDTH="25"ALIGN="CENTER"VALIGN="TOP"><IMGSRC="stylesheet-images/note.gif"HSPACE="5"ALT="Note"></TD><TDALIGN="LEFT"VALIGN="TOP"><P> The PKIX standards do not suggest nor forbid the use of a WWW server for the role of a CA/RA. To remove the need to create standalone network applications for both the CA and RA, it is possible to use individual WWW servers operated by designated Operators. </P></TD></TR></TABLE></DIV></DIV></DIV></DIV><DIVCLASS="NAVFOOTER"><HRALIGN="LEFT"WIDTH="100%"><TABLEWIDTH="100%"BORDER="0"CELLPADDING="0"CELLSPACING="0"><TR><TDWIDTH="33%"ALIGN="left"VALIGN="top"><AHREF="x169.htm">Prev</A></TD><TDWIDTH="34%"ALIGN="center"VALIGN="top"><AHREF="ospki-book.htm">Home</A></TD><TDWIDTH="33%"ALIGN="right"VALIGN="top"><AHREF="initialisation.htm">Next</A></TD></TR><TR><TDWIDTH="33%"ALIGN="left"VALIGN="top">Typical uses of public key cryptography</TD><TDWIDTH="34%"ALIGN="center"VALIGN="top"> </TD><TDWIDTH="33%"ALIGN="right"VALIGN="top">Initialisation of the Certification Authority</TD></TR></TABLE></DIV></BODY></HTML>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -