certification practices
DESCRIPTION
Certification Practices. DB Lab. 이 찬 섭 , 강 민 석 , 김 희 수 VLSI Systems Lab. 이 윤 아 , 송 영 아. = 목 차 =. 개념 (Concepts) Certificate Practice Statement (CPS) 용어 정의 PEM Policy Statement X.509 인증서 정책 인증서 종류 CPS 의 소개 CPS 의 내용 형식과 구조 다른 문서의 참조. Certification Practice Statement. - PowerPoint PPT PresentationTRANSCRIPT
-
Certification PracticesDB Lab. , ,
VLSI Systems Lab. ,
-
= =(Concepts)Certificate Practice Statement (CPS) PEM Policy StatementX.509
CPS CPS
-
Certification Practice Statement . . .
CPSCA CA .
-
ABA GuidelinesCPS : . .CA : , , .CPS CA .CPS CPS, , , , .
-
/1( Enrollment) . (Issuing Authority) PEM CA .PEM CA Infrastructure , PCA . (Nonverified subscriber information) . . .
-
/2 (: Operational period) , .( Relying party) party. (Repository) on-line database. ( Subscriber) , , party.
-
PEM /1CPS Policy Certification Authority( ) .PEM(RFC1422) PCA . . .
-
PEM /2RFC1422-PCAPCA identityPCA PCA security and privacy Naming Business issues
-
X.509 /1X.509 ver3 PEM PCA X.509 CA(public, interorganization) (practice) CPS CPS . CPS , .
-
X.509 /2 () . , .
CPS X.509 ( )
-
X.509 /3 (sensitive - but-unclassified) , .( )High assurance policy : - (high-value financial transaction), (particularly sensitivity data) medium assurance policy : low-value transaction, medium sensitivity datelow assurance policy : low-sensitivity
-
X.509 /4 : . . CPS CPS . , CPS .
-
X.509 /5, CPS . , high, medium, low assurance CA . ( CPS )
-
Certificate Classes /1 , , , trusted third party . , , , .VeriSign . CPS . , , .
-
Certificate Classes /2 1, 2, 3 .3 1 .
Class 1 certificates1 . E-mail . ( ) .
-
Certificate Classes /3Class 2 certificates . . , , On-line .Class 3 certificates . . 2 .
-
Certificate Classes /4
, private-sector . 3 IA .
3 (electronic banking)electronic data interchange(EDI)S/W validation.Membership-based on-line services
-
CPS /1CPS CPS , , (open community) . .CPS , , , . ( ) CPS CA .
-
CPS /2CPS , , CPS .CPS . .
-
CPS /3CPS (framework) (template) . CPS . .ABA Guidelines : (party) . : .
-
CPS /3
-
CPS /4 , .CPS , , . , .
-
(Foundation for Certification Operations )
-
(Levels of Service) certificate class, certificate policy
-
(Certificate Format) / 1 (profile) (field)
X.509 , , , , (relying parties),
-
(Certificate Format) / 2 X.509 Certificate policies CPS Other critical extensions CPS
-
(Certification Authority Relationship Structure) Hierarchical structure, PEM (infrastructure) CPS CPS CPS
-
NamingName subject (open electronic commerce ) naming system (subscriber) : personal name address, e-mail address, registered corporation name ([email protected])
name naming authority naming authority CPS
-
/ 1(Publication and Repository) (publication)
:(subject) CPS
-
/ 2(Publication and Repository)Repository ( ) (infrastructure) (robust) ,
-
Inter-domain Certificationdomain
(certification practice) inter-domain certification ,
-
(Right to Investigate Compromises)
, (compromise) , CPS
-
(Trustworthiness and Security) , trustworthy system
(Trustworthy system) (misuse)
-
(Financial Responsibility) , .
-
(Records)(activities) . (creation), (issuance), (use), (suspension), (revocation), (expiration), (renewal), (re-enrollment)
time stamp
-
(Audit) (auditing)
CPS (entity) (audit obligations)
-
(Contingency Planning and Disaster Recovery) (certificate status) (revocation information) CPS
-
Local Registration Authority(LRA) RequirementsLRA
LRA application LRA (issue)
LRA
-
(Termination of Operations) .,
CPS 90 (records)
-
(Criminal Activity)
.
-
Certificate Application Procedures Key Generation and Protection : : - ( )Validation of Certificate Applications
-
Certificate Issuance Certification Authoritys Representations to Subscribers CPS , Certification Authoritys Representations to Relying Parties : ,
-
Certificate Acceptance Representations by Subscriber upon Acceptance : . writing CPS , ,
-
Certificate Acceptance (contd)Indemnity by Subscriber Publication : ,
-
Use of Certificates for Digital Signature Verification Digital Signature Verification Process => root pathWritings and Signatures Writing : Signature :
-
Certificate Suspension and Revocation ( ) ., , , , Subject CPS CPS denial-of-service attack , (, real-time) /
-
Warranties and Limitations of Liability - Warranties : ABA Guideline
-
Warranties and Limitations of Liability (contd) class procedure Party CPS party , ,
-
Warranties and Limitations of Liability (contd)Disclaimers and limitations on Obligations Damage and Loss Limitations party , . . class
-
Warranties and Limitations of Liability (contd)No Fiduciary Relationship , , time-stemp, party
-
Miscellaneous ProvisionsCPS Conflict of ProvisionsCPS CPS Governing Lawopen communication network Dispute Resolution
-
Miscellaneous Provisions (contd)Change Procedures CPS - ( )
-
Ongoing EvolutionHarmonization , EDI, , Web - Technical community : cross-certification Legal community : ABA Guideline .Business community : CommerceNet Certification authorities :
-
Ongoing Evolution (contd)AutomationCPS development toolsCertificate policy negotiation and mappingOnline policy and practice negotiationCommercial and Legislative/Regulatory Directions ABA Guideline . . . ( )