CA/Terminology: Difference between revisions
| Line 15: | Line 15: | ||
'''Intermediate Certificate:''' A Certificate that is signed by either a Root Certificate or another Intermediate Certificate, and that signs either End-Entity Certificates or other Intermediate Certificates. | '''Intermediate Certificate:''' A Certificate that is signed by either a Root Certificate or another Intermediate Certificate, and that signs either End-Entity Certificates or other Intermediate Certificates. | ||
'''Multi-Factor Authentication:''' Authentication requiring | '''Multi-Factor Authentication:''' Authentication requiring that the user provide more than one form of verification in order to prove their identity and allow access to the system. Typically user-name and password is one form of verification. Often the second from of verification is something the user has, such as smart card, security token, phone system providing one-time-password, etc. | ||
'''Root CA:''' An organization that is responsible for the creation, issuance, revocation, and management of Certificates, and whose Root Certificate is included in NSS. | '''Root CA:''' An organization that is responsible for the creation, issuance, revocation, and management of Certificates, and whose Root Certificate is included in NSS. | ||
Revision as of 19:13, 10 October 2012
|
THIS PAGE IS A WORKING DRAFT | 
|
| The page may be difficult to navigate, and some information on its subject might be incomplete and/or evolving rapidly. If you have any questions or ideas, please add them as a new topic on the discussion page. |
Certificate: An electronic document that uses a digital signature to bind a public key and an identity. Certificates are used in three primary functions within Mozilla software: to connect to an SSL-enabled web server or other SSL-enabled servers, to read digitally signed email from another user, to download and execute digitally signed code.
Certificate Policy: A set of rules that indicates the applicability of a named Certificate to a particular community and/or PKI implementation with common security requirements.
Certification Authority: An organization that is responsible for the creation, issuance, revocation, and management of Certificates.
Certification Practice Statement: One of several documents forming the governance framework in which Certificates are created, issued, managed, and used.
End-Entity Certificate: A Certificate that cannot sign other Certificates.
Intermediate Certificate: A Certificate that is signed by either a Root Certificate or another Intermediate Certificate, and that signs either End-Entity Certificates or other Intermediate Certificates.
Multi-Factor Authentication: Authentication requiring that the user provide more than one form of verification in order to prove their identity and allow access to the system. Typically user-name and password is one form of verification. Often the second from of verification is something the user has, such as smart card, security token, phone system providing one-time-password, etc.
Root CA: An organization that is responsible for the creation, issuance, revocation, and management of Certificates, and whose Root Certificate is included in NSS.
Root Certificate: A self-signed Certificate issued by a Root CA to identify itself and to facilitate verification of Certificates issued to its Subordinate CAs.
Subordinate CA: An organization that is responsible for the creation, issuance, revocation, and management of Certificates, and whose Subordinate Certificate is signed by a Root CA or another Subordinate CA.
Subordinate Certificate: An Intermediate Certificate.
Trust Anchor: A Certificate that is included in NSS with at least one of the trust bits enabled. This is usually a Root Certificate, but under certain circumstances may be an Intermediate Certificate.