Chapter 23 – Public Key Infrastructures and Certificate Authorities
     Santosh Chokhani

Chapter Contents:

   23.1    Introduction
   23.1.1    Secret Key Cryptography Not Practical for Network Security
   23.1.2    Public Key Cryptosystem
   23.1.3    Advantages of Public Key Cryptosystem over Secret Key Cryptosystem
   23.2    Need for Public Key Infrastructure
   23.3    Public Key Certificate
   23.4    Enterprise Public Key Infrastructure
   23.5    Certificate Policy
   23.6    Global Public Key Infrastructure
   23.6.1    Trusted Paths
   23.6.2    Trust Models
                 Strict Hierarchy
                 Hierarchy
                 Bridge
                 Multiple Trust Anchors
                 Anarchy
   23.6.3    Choosing a Public Key Infrastructure Architecture
   23.6.4    Cross-Certification
   23.6.5    Public Key Infrastructure Interoperability
                 Trust Path
                 Cryptographic Algorithms
                 Certificate and Certificate Revocation List Format
                 Certificate and Certificate Revocation List Dissemination
                 Certificate Policies
                 Names
   23.7    Forms of Revocation
   23.7.1    Types of Revocation-Notification Mechanisms
   23.7.2    Certificate Revocation Lists and Their Variants
                 Full and Complete CRL
                 Authority Revocation List
                 Distribution-Point CRL
                 Delta Certificate Revocation List
   23.7.3    Server-based Revocation Protocols
   23.7.4    Summary of Recommendations for Revocation Notification
   23.8    Rekey
   23.9    Key Recovery
   23.10    Privilege Management
   23.11    Trusted Archival Services and Trusted Time Stamps
   23.12    Cost of Public Key Infrastructure
   23.13    References
   23.14    Further Reading
   23.15    Notes

