INTRODUCTION TO DIGITAL CERTIFICATE

  • Slides: 15
WELCOME

INTRODUCTION TO DIGITAL CERTIFICATE

CONTENTS
  • DIGITAL CERTIFICATE
  • DIFFERENT FIELDS WITHIN THE CERTIFICATE
  • STEPS FOR OBTAINING A CERTIFICATE
  • STEPS FOR DESIGNING DIGITAL CERTIFICATE
  • VERIFICATION OR AUTHENTICITY OF CERTIFICATE
  • CERTIFICATE ATTRIBUTES
  • TRUST MODELS
  • KEY EXAMPLES OF THE CERTIFICATE EXTENSIONS

DIGITAL CERTIFICATE
  • It is a small computer file.
  • It binds an individual's identity to a public key.
  • It contains information to assure the public key owner's identity.
  • The X.509 standard tells which fields are necessary and mentions the possible values to be inserted in them.

DIFFERENT FIELDS WITHIN THE CERTIFICATE
  • Version
  • Certificate Serial Number
  • Signature Algorithm Identifier
  • Issuer Name
  • Validity
  • Subject Name
  • Subject Public Key Infrastructure
  • Issuer ID
  • Subject ID
  • Extensions
  • CA’s

STEPS FOR OBTAINING A CERTIFICATE
  • REGISTRATION
  • KEY GENERATION
  • VERIFICATION
  • CERTIFICATE EXTENSION

STEPS FOR DESIGNING DIGITAL CERTIFICATE
[Diagram. Labels: RA (Registration Authority); DIGITAL CERTIFICATE; USER; VALUE; CA (Certificate Authority); ALGORITHM; KEY STORE]

VERIFICATION OR AUTHENTICITY OF CERTIFICATE
[Flowchart]
  • DIGITAL CERTIFICATE → MESSAGE DIGEST ALGORITHM → MESSAGE DIGEST (A)
  • DIGITAL SIGNATURE → MESSAGE DIGEST ALGORITHM → MESSAGE DIGEST (B)
  • IF A = B
      YES: Certificate is valid
      NO: Certificate is invalid

CERTIFICATE ATTRIBUTES
  • END ENTITY CERTIFICATES: These are issued by a CA to a specific subject.
  • CA CERTIFICATES: These are used when independent CAs establish a hierarchical trust relationship.
  • CROSS CERTIFICATES: These are used when independent CAs establish a peer-to-peer trust relationship.
  • POLICY CERTIFICATES: These are used for placing policy information within sophisticated CAs used for high-security applications.

TRUST MODELS
WHAT IS A TRUST MODEL?
A trust domain is a construct of systems, personnel, applications, protocols, technologies, and policies that work together to provide a certain level of protection.
TYPES OF TRUST MODEL:
1) Hierarchical Trust Model
2) Peer To Peer Trust Model
3) Hybrid Trust Model

HIERARCHICAL TRUST MODEL
[Diagram. Levels: ROOT CA; INTERMEDIATE A CA and INTERMEDIATE B CA; LEAF A CA, LEAF B CA, LEAF C CA and LEAF D CA, each with a USER]

PEER TO PEER TRUST MODEL
[Diagram. COMPANY A CA with its USER; COMPANY B CA with its USER]

KEY EXAMPLES OF THE CERTIFICATE
1) DIGITAL SIGNATURE
2) KEY ENCIPHERMENT
3) DATA ENCIPHERMENT
4) CRL SIGN
5) KEY CERT SIGN
6) NON REPUDIATION
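
The usages listed on this slide are bits of the X.509 Key Usage extension (RFC 5280). The following added example, which is not part of the original slides, decodes a DER-encoded Key Usage value and flags a mismatch between a certificate's role and its keyCertSign bit. The function names and the sample byte strings are constructed for illustration.

```python
# Added example (not from the slides): decode the X.509 Key Usage extension.
# Bit names and positions follow RFC 5280; bit 0 is the most significant bit.
KEY_USAGE_BITS = (
    "digitalSignature", "nonRepudiation", "keyEncipherment",
    "dataEncipherment", "keyAgreement", "keyCertSign",
    "cRLSign", "encipherOnly", "decipherOnly",
)

def decode_key_usage(der: bytes) -> set:
    """Decode a DER BIT STRING (tag 0x03, short-form length) into usage names."""
    if len(der) < 4 or der[0] != 0x03:
        raise ValueError("not a non-empty DER BIT STRING")
    if der[1] & 0x80 or der[1] != len(der) - 2:
        raise ValueError("length byte does not match the content")
    unused, data = der[2], der[3:]
    if unused > 7 or data[-1] & ((1 << unused) - 1):
        raise ValueError("bad unused-bit count or non-zero padding bits")
    usages = set()
    for bit in range(len(data) * 8 - unused):
        if data[bit // 8] & (0x80 >> (bit % 8)):
            if bit >= len(KEY_USAGE_BITS):
                raise ValueError(f"bit {bit} is not defined for Key Usage")
            usages.add(KEY_USAGE_BITS[bit])
    if not usages:
        raise ValueError("Key Usage must assert at least one bit")
    return usages

def role_problems(der: bytes, is_ca: bool) -> list:
    """Compare the asserted usages with the certificate's role (CA or end entity)."""
    usages = decode_key_usage(der)
    problems = []
    if is_ca and "keyCertSign" not in usages:
        problems.append("CA certificate cannot sign certificates: keyCertSign missing")
    if not is_ca and "keyCertSign" in usages:
        problems.append("end-entity certificate asserts keyCertSign")
    return problems

# Constructed sample values (hex of the extension's BIT STRING).
SAMPLES = {
    "ca": bytes.fromhex("03020106"),        # keyCertSign + cRLSign
    "tls_leaf": bytes.fromhex("030205a0"),  # digitalSignature + keyEncipherment
}

if __name__ == "__main__":
    for name, der in SAMPLES.items():
        print(name, sorted(decode_key_usage(der)), role_problems(der, name == "ca"))
```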

ANY QUESTIONS?

THANK YOU
