|
Simple Certificate Enrollment Protocol
Simple Certificate Enrollment Protocol (SCEP) is described by the informational . Older versions of this protocol became a de facto industrial standard for pragmatic provisioning of digital certificates mostly for network equipment. The protocol has been designed to make the request and issuing of digital certificates as simple as possible for any standard network user. These processes have usually required intensive input from network administrators, and so have not been suited to large-scale deployments. Popularity The Simple Certificate Enrollment Protocol still is the most popular and widely available certificate enrollment protocol, being used by numerous manufacturers of network equipment and software who are developing simplified means of handling certificates for large-scale implementation to everyday users. It is used for example by the Cisco IOS operating system (even if Cisco is now pushing the slightly more featured EST) and iPhones to enroll in enterprises PKI. Mo ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Protocol (computing)
A communication protocol is a system of rules that allows two or more entities of a communications system to transmit information via any kind of variation of a physical quantity. The protocol defines the rules, syntax, semantics and synchronization of communication and possible error recovery methods. Protocols may be implemented by hardware, software, or a combination of both. Communicating systems use well-defined formats for exchanging various messages. Each message has an exact meaning intended to elicit a response from a range of possible responses pre-determined for that particular situation. The specified behavior is typically independent of how it is to be implemented. Communication protocols have to be agreed upon by the parties involved. To reach an agreement, a protocol may be developed into a technical standard. A programming language describes the same for computations, so there is a close analogy between protocols and programming languages: ''protocols are t ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Certificate Management Over CMS
The Certificate Management over CMS (CMC) is an Internet Standard published by the IETF, defining transport mechanisms for the Cryptographic Message Syntax (CMS). It is defined in , its transport mechanisms in . Similarly to the Certificate Management Protocol (CMP), it can be used for obtaining X.509 digital certificates in a public key infrastructure (PKI). CMS is one of two protocols utilizing the Certificate Request Message Format (CRMF), described in , with the other protocol being CMP. The Enrollment over Secure Transport (EST) protocol, described in {{IETF RFC, 7030, can be seen as a profile of CMC for use in provisioning certificates to end entities. As such, EST can play a similar role to SCEP. See also * Certificate Management Protocol (CMP) * Simple Certificate Enrollment Protocol (SCEP) * Enrollment over Secure Transport (EST) * Automated Certificate Management Environment The Automatic Certificate Management Environment (ACME) protocol is a communications ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Automated Certificate Management Environment
The Automatic Certificate Management Environment (ACME) protocol is a communications protocol for automating interactions between certificate authorities and their users' servers, allowing the automated deployment of public key infrastructure at very low cost. It was designed by the Internet Security Research Group (ISRG) for their Let's Encrypt service. The protocol, based on passing JSON-formatted messages over HTTPS, has been published as an Internet Standard in by its own chartered IETF working group. Client implementations The ISRG provides free and open-source reference implementations for ACME: certbot is a Python-based implementation of server certificate management software using the ACME protocol, and ''boulder'' is a certificate authority implementation, written in Go. Since 2015 a large variety of client options have appeared for all operating systems. ACME service providers Providers which support no-cost or low-cost ACME based certificate services inclu ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Elliptic-curve Cryptography
Elliptic-curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. ECC allows smaller keys compared to non-EC cryptography (based on plain Galois fields) to provide equivalent security.Commercial National Security Algorithm Suite and Quantum Computing FAQ U.S. National Security Agency, January 2016. Elliptic curves are applicable for , s, [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Internet Draft
An Internet Draft (I-D) is a document published by the Internet Engineering Task Force (IETF) containing preliminary technical specifications, results of networking-related research, or other technical information. Often, Internet Drafts are intended to be work-in-progress documents for work that is eventually to be published as a Request for Comments (RFC) and potentially leading to an Internet Standard. It is considered inappropriate to rely on Internet Drafts for reference purposes. I-D citations should indicate the I-D is a ''work in progress''. An Internet Draft is expected to adhere to the basic requirements imposed on any RFC. An Internet Draft is only valid for six months unless it is replaced by an updated version. An otherwise expired draft remains valid while it is under official review by the Internet Engineering Steering Group The Internet Engineering Task Force (IETF) is a standards organization for the Internet and is responsible for the technical stand ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Peter Gutmann (computer Scientist)
Peter Claus Gutmann is a computer scientist in the Department of Computer Science at the University of Auckland, Auckland, New Zealand. He has a Ph.D. in computer science from the University of Auckland. His Ph.D. thesis titled and a book based on the thesis were about a cryptographic security architecture. He is interested in computer security issues, including security architecture, security usability (or more usually the lack thereof), and hardware security; he has discovered several flaws in publicly released cryptosystems and protocols. He is the developer of the cryptlib open source software security library and contributed to PGP version 2. In 1994 he developed the Secure FileSystem (SFS). He is also known for his analysis of data deletion on electronic memory media, magnetic and otherwise, and devised the Gutmann method for erasing data from a hard drive more or less securely. Having lived in New Zealand for some time, he has written on such subjects as weta (a group of ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cisco Systems
Cisco Systems, Inc., commonly known as Cisco, is an American-based multinational corporation, multinational digital communications technology conglomerate (company), conglomerate corporation headquartered in San Jose, California. Cisco develops, manufactures, and sells networking hardware, software, telecommunications equipment and other high-technology services and products. Cisco specializes in specific tech markets, such as the Internet of Things (IoT), internet domain, domain security, videoconferencing, and energy management with List of Cisco products, leading products including Webex, OpenDNS, XMPP, Jabber, Duo Security, and Cisco Jasper, Jasper. Cisco is one of the List of largest technology companies by revenue, largest technology companies in the world ranking 74 on the Fortune 100 with over $51 billion in revenue and nearly 80,000 employees. Cisco Systems was founded in December 1984 by Leonard Bosack and Sandy Lerner, two Stanford University computer scientists who ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Certificate Management Protocol
The Certificate Management Protocol (CMP) is an Internet protocol standardized by the IETF used for obtaining X.509 digital certificates in a public key infrastructure (PKI). CMP is a very feature-rich and flexible protocol, supporting any types of cryptography. CMP messages are self-contained, which, as opposed to EST, makes the protocol independent of the transport mechanism and provides end-to-end security. CMP messages are encoded in ASN.1, using the DER method. CMP is described in . Enrollment request messages employ the Certificate Request Message Format (CRMF), described in . The only other protocol so far using CRMF is Certificate Management over CMS (CMC), described in . History An obsolete version of CMP is described in , the respective CRMF version in . CMP Updateis in preparation as well as Lightweight CMP Profilefocusing on industrial use. PKI Entities In a public key infrastructure (PKI), so-called end entities (EEs) act as CMP client, requesting one or more c ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Automatic Certificate Management Environment
The Automatic Certificate Management Environment (ACME) protocol is a communications protocol for automating interactions between certificate authority, certificate authorities and their users' servers, allowing the automated deployment of public key infrastructure at very low cost. It was designed by the Internet Security Research Group (ISRG) for their Let's Encrypt service. The protocol, based on passing JSON-formatted messages over HTTPS, has been published as an Internet Standard in by its own chartered Internet Engineering Task Force, IETF working group. Client implementations The ISRG provides Free and open-source software, free and open-source reference implementations for ACME: certbot is a Python (programming language), Python-based implementation of server certificate management software using the ACME protocol, and ''boulder'' is a certificate authority implementation, written in Go (programming language), Go. Since 2015 a large variety of client options have appe ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Public Key Certificate
In cryptography, a public key certificate, also known as a digital certificate or identity certificate, is an electronic document used to prove the validity of a public key. The certificate includes information about the key, information about the identity of its owner (called the subject), and the digital signature of an entity that has verified the certificate's contents (called the issuer). If the signature is valid, and the software examining the certificate trusts the issuer, then it can use that key to communicate securely with the certificate's subject. In email encryption, code signing, and e-signature systems, a certificate's subject is typically a person or organization. However, in Transport Layer Security (TLS) a certificate's subject is typically a computer or other device, though TLS certificates may identify organizations or individuals in addition to their core role in identifying devices. TLS, sometimes called by its older name Secure Sockets Layer (SSL), is notable ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Intune
Microsoft Intune (formerly Windows Intune) is a Microsoft cloud-based unified endpoint management service for both corporate and BYO devices. It extends some of the "on-premises" functionality of Microsoft Endpoint Configuration Manager to the Microsoft Azure cloud. Distribution No on-premises infrastructure is required for clients to use Intune, and management is accomplished using a web-based portal. Distribution is through a subscription system in which a fixed monthly cost is incurred per user. It is also to use Endpoint Manager in co management with Microsoft Endpoint Configuration Manager. It is included in Microsoft Enterprise Mobility + Security (EMS) suite and Microsoft Office 365 Enterprise E5, which were both succeeded by Microsoft 365 in July 2017. Microsoft 365 Business Premium licenses also include Intune and EMS. Function Intune supports Android, iOS, MacOS and Windows Operating Systems. Administration is done via a web browser. The administration console ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Active Directory
Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services. Initially, Active Directory was used only for centralized domain management. However, Active Directory eventually became an umbrella title for a broad range of directory-based identity-related services. A server running the Active Directory Domain Service (AD DS) role is called a domain controller. It authenticates and authorizes all users and computers in a Windows domain type network, assigning and enforcing security policies for all computers, and installing or updating software. For example, when a user logs into a computer that is part of a Windows domain, Active Directory checks the submitted username and password and determines whether the user is a system administrator or normal user. Also, it allows management and storage of information, provides authentication and authorization mec ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
_(cropped).jpg "Click for more on -> Peter Gutmann (computer Scientist)")
