PKIs
To use public key methods, an organization must establish a comprehensive Public Key Infrastructure (PKI)
• A PKI automates most aspects of using public key encryption and authentication
• Uses a PKI Server
[Diagram: PKI Server]

PKIs
PKI Server Creates Public Key-Private Key Pairs
• Distributes private keys to applicants securely
• Often, private keys are embedded in delivered software
[Diagram: PKI Server, Private Key]

PKIs
PKI Server Provides CRL Checks
• Distributes digital certificates to verifiers
• Checks certificate revocation list before sending digital certificates
[Diagram: PKI Server, Digital Certificate]

PKIs
CRL (Certificate Revocation List) Checks
• If applicant gives verifier a digital certificate,
• The verifier must check the certificate revocation list
[Diagram: PKI Server, CRL; messages "OK?" and "OK or Revoked"]
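
The CRL check from the verifier's side, as an added example that is not part of the original slides: a PKI server signs certificates and a CRL, and the verifier trusts the CRL only if it is signed by the certificate's issuer and still current before answering OK or Revoked. It assumes the Python `cryptography` package; the CA, the applicant names and the keys are constructed for the demonstration.

```python
from datetime import datetime, timedelta, timezone
from cryptography import x509
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID

NOW = datetime.now(timezone.utc)
CA = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, "Constructed Example CA")])

def new_key():
    return ec.generate_private_key(ec.SECP256R1())

def issue(cn, subject_key, ca_key):
    """PKI server role: sign a certificate binding the name cn to subject_key."""
    subject = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])
    return (x509.CertificateBuilder().subject_name(subject).issuer_name(CA)
            .public_key(subject_key.public_key())
            .serial_number(x509.random_serial_number())
            .not_valid_before(NOW - timedelta(minutes=1))
            .not_valid_after(NOW + timedelta(days=30))
            .sign(ca_key, hashes.SHA256()))

def publish_crl(ca_key, revoked_certs):
    """PKI server role: sign a CRL listing the serials of revoked certificates."""
    crl = (x509.CertificateRevocationListBuilder().issuer_name(CA)
           .last_update(NOW - timedelta(minutes=1))
           .next_update(NOW + timedelta(days=1)))
    for cert in revoked_certs:
        crl = crl.add_revoked_certificate(
            x509.RevokedCertificateBuilder().serial_number(cert.serial_number)
            .revocation_date(NOW - timedelta(minutes=1)).build())
    return crl.sign(ca_key, hashes.SHA256())

def check_crl(cert, crl, ca_public_key):
    """Verifier role: answer 'OK' or 'Revoked'; refuse a CRL that cannot be trusted."""
    if crl.issuer != cert.issuer or not crl.is_signature_valid(ca_public_key):
        raise ValueError("CRL was not signed by the certificate's issuer")
    # next_update_utc needs cryptography >= 42; older releases expose naive next_update
    nxt = getattr(crl, "next_update_utc", None) or crl.next_update.replace(tzinfo=timezone.utc)
    if nxt < datetime.now(timezone.utc):
        raise ValueError("CRL is past its next-update time")
    revoked = crl.get_revoked_certificate_by_serial_number(cert.serial_number)
    return "Revoked" if revoked is not None else "OK"

def demo():
    """Constructed data: a throwaway CA and two applicants, one of them revoked."""
    ca_key = new_key()
    good, bad = issue("alice", new_key(), ca_key), issue("bob", new_key(), ca_key)
    crl = publish_crl(ca_key, [bad])
    return check_crl(good, crl, ca_key.public_key()), check_crl(bad, crl, ca_key.public_key())
```

The check covers revocation only; a verifier would also validate the certificate's own signature and validity period before relying on it.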