|
Safelayer
Safelayer Secure Communications S.A. is a Spanish private company founded in May 1999. It develops software products on the public key infrastructure area (digital security for identity management, electronic signature and data protection). Safelayer's technology is part of the three major certification and digital identity projects in Spain: Fábrica Nacional de Moneda y Timbre, the Spanish ID card ''DNI electrónico'' and the Spanish E-passport. Safelayer's technology also secures the NATO X400 messaging system''. Safelayer's technology has been EAL2 and EAL4+ Common Criteria certified. Currently, Safelayer is the only company with a whole family of products which are CC EAL4+ certified. Products * KeyOne CA: Certificate authority. * KeyOne VA: Validation authority ( OCSP responder) based on standard protocol OCSP from IETF. * KeyOne TSA: Time-stamping authority (Trusted Timestamping) based on standard protocol TSP from IETF. * KeyOne XRA: Registration authority. * ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Identification Card
An identity document (also called ID or colloquially as papers) is any document that may be used to prove a person's identity. If issued in a small, standard credit card size form, it is usually called an identity card (IC, ID card, citizen card), or passport card. Some countries issue formal identity documents, as national identification cards that may be compulsory or non-compulsory, while others may require identity verification using regional identification or informal documents. When the identity document incorporates a person's photograph, it may be called photo ID. In the absence of a formal identity document, a driver's license may be accepted in many countries for identity verification. Some countries do not accept driver's licenses for identification, often because in those countries they do not expire as documents and can be old or easily forged. Most countries accept passports as a form of identification. Some countries require all people to have an identity docu ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
IETF
The Internet Engineering Task Force (IETF) is a standards organization for the Internet and is responsible for the technical standards that make up the Internet protocol suite (TCP/IP). It has no formal membership roster or requirements and all its participants are volunteers. Their work is usually funded by employers or other sponsors. The IETF was initially supported by the federal government of the United States but since 1993 has operated under the auspices of the Internet Society, an international non-profit organization. Organization The IETF is organized into a large number of working groups and birds of a feather informal discussion groups, each dealing with a specific topic. The IETF operates in a bottom-up task creation mode, largely driven by these working groups. Each working group has an appointed chairperson (or sometimes several co-chairs); a charter that describes its focus; and what it is expected to produce, and when. It is open to all who want to particip ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
OCSP
The Online Certificate Status Protocol (OCSP) is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate. It is described in RFC 6960 and is on the Internet standards track. It was created as an alternative to certificate revocation lists (CRL), specifically addressing certain problems associated with using CRLs in a public key infrastructure (PKI). Messages communicated via OCSP are encoded in ASN.1 and are usually communicated over HTTP. The "request/response" nature of these messages leads to OCSP servers being termed ''OCSP responders''. Some web browsers (Firefox) use OCSP to validate HTTPS certificates, while others have disabled it. Most OCSP revocation statuses on the Internet disappear soon after certificate expiration. Comparison to CRLs * Since an OCSP response contains less data than a typical certificate revocation list (CRL), it puts less burden on network and client resources. * Since an OCSP response has less data to parse, ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
OCSP Responder
The Online Certificate Status Protocol (OCSP) is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate. It is described in RFC 6960 and is on the Internet standards track. It was created as an alternative to certificate revocation lists (CRL), specifically addressing certain problems associated with using CRLs in a public key infrastructure (PKI). Messages communicated via OCSP are encoded in ASN.1 and are usually communicated over HTTP. The "request/response" nature of these messages leads to OCSP servers being termed ''OCSP responders''. Some web browsers ( Firefox) use OCSP to validate HTTPS certificates, while others have disabled it. Most OCSP revocation statuses on the Internet disappear soon after certificate expiration. Comparison to CRLs * Since an OCSP response contains less data than a typical certificate revocation list (CRL), it puts less burden on network and client resources. * Since an OCSP response has less data to p ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Validation Authority
In public key infrastructure, a validation authority (VA) is an entity that provides a service used to verify the validity of a digital certificate per the mechanisms described in the X.509 standard and (page 69). The dominant method used for this purpose is to host a certificate revocation list for download via the HTTP or LDAP protocols. To reduce the amount of network traffic required for certificate validation, the OCSP protocol may be used instead. While a validation authority is capable of responding to a network-based request for a CRL, it lacks the ability to issue or revoke certificates. It must be continuously updated with current CRL information from a certificate authority In cryptography, a certificate authority or certification authority (CA) is an entity that stores, signs, and issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. Thi ... which issued the certificates contained withi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Certificate Authority
In cryptography, a certificate authority or certification authority (CA) is an entity that stores, signs, and issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others (relying parties) to rely upon signatures or on assertions made about the private key that corresponds to the certified public key. A CA acts as a trusted third party—trusted both by the subject (owner) of the certificate and by the party relying upon the certificate. The format of these certificates is specified by the X.509 or EMV standard. One particularly common use for certificate authorities is to sign certificates used in HTTPS, the secure browsing protocol for the World Wide Web. Another common use is in issuing identity cards by national governments for use in electronically signing documents. Overview Trusted certificates can be used to create secure connections to a server via the Internet. A certificate is e ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Common Criteria
The Common Criteria for Information Technology Security Evaluation (referred to as Common Criteria or CC) is an international standard (ISO/IEC 15408) for computer security certification. It is currently in version 3.1 revision 5. Common Criteria is a framework in which computer system users can ''specify'' their security ''functional'' and ''assurance'' requirements (SFRs and SARs respectively) in a Security Target (ST), and may be taken from Protection Profiles (PPs). Vendors can then ''implement '' or make claims about the security attributes of their products, and testing laboratories can ''evaluate'' the products to determine if they actually meet the claims. In other words, Common Criteria provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard and repeatable manner at a level that is commensurate with the target environment for use. Common Criteria maintains a list of ce ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Structurally Tested
A structure is an arrangement and organization of interrelated elements in a material object or system, or the object or system so organized. Material structures include man-made objects such as buildings and machines and natural objects such as biological organisms, minerals and chemicals. Abstract structures include data structures in computer science and musical form. Types of structure include a hierarchy (a cascade of one-to-many relationships), a network featuring many-to-many links, or a lattice featuring connections between components that are neighbors in space. Load-bearing Buildings, aircraft, skeletons, anthills, beaver dams, bridges and salt domes are all examples of load-bearing structures. The results of construction are divided into buildings and non-building structures, and make up the infrastructure of a human society. Built structures are broadly divided by their varying design approaches and standards, into categories including building structures, a ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
X400
X.400 is a suite of ITU-T Recommendations that defines the ITU-T Message Handling System (MHS). At one time, the designers of X.400 were expecting it to be the predominant form of email, but this role has been taken by the SMTP-based Internet e-mail. Despite this, it has been widely used within organizations and was a core part of Microsoft Exchange Server until 2006; variants continue to be important in military and aviation contexts. History The first X.400 Recommendations were published in 1984 (''Red Book''), and a substantially revised version was published in 1988 (''Blue Book''). New features were added in 1992 (''White Book'') and subsequent updates. Although X.400 was originally designed to run over the OSI transport service, an adaptation to allow operation over TCP/IP, RFC 1006, has become the most popular way to run X.400. Developed in cooperation with ISO/IEC, the X.400-series recommendations specify OSI standard protocols for exchanging and addressing electronic ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
