12
12
@acronym{CRL} but used for @acronym{CA}s and not for end user
16
Verification model for X.509 which uses the creation date of a
17
signature as the date the validation starts and in turn checks that each
18
certificate has been issued within the time frame, the issuing
19
certificate was valid. This allows the verification of signatures after
20
the the CA's certificate expired. The validation test also required an
21
online check of the certificate status. The chain model is required by
22
the German signature law. See also @emph{Shell model}.
25
The @emph{Cryptographic Message Standard} describes a message
26
format for encryption and digital signing. It is closely related to the
27
X.509 certificate format. @acronym{CMS} was formerly known under the
28
name @code{PKCS#7} and is described by @code{RFC3369}.
16
The @emph{Certificate Revocation List} is a list containing
31
The @emph{Certificate Revocation List} is a list containing
17
32
certificates revoked by the issuer.
35
The @emph{Certificate Signing Request} is a message send to a CA to
36
ask them to issue a new certificate. The data format of such a signing
37
request is called PCKS#10.
40
A data format used to build a PKI and to exchange encrypted or
41
signed messages. In contrast to X.509, OpenPGP also includes the
42
message format but does not explicilty demand a specific PKI. However
43
any kind of PKI may be build upon the OpenPGP protocol.
20
46
This term is used by GnuPG to describe a 20 byte hash value used
21
47
to identify a certain key without referencing to a concrete protocol.
26
52
The @emph{Online Certificate Status Protocol} is used as an
27
53
alternative to a @acronym{CRL}. It is described in @code{RFC 2560}.
56
The @emph{Personal Security Environment} describes a database to
57
store private keys. This is either a smartcard or a collection of files
58
on a disk; the latter is often called a Soft-PSE.
62
The standard model for validation of certificates under X.509. At the
63
time of the verification all certifciates must be valid and not expired.
64
See also @emph{Chain mode}.
68
Description of a PKI used with CMS. It is for example
69
defined by @code{RFC3280}.