Novell LINUX ENTERPRISE SERVER 10 - INSTALLATION AND ADMINISTRATION 08-05-2008 Installation Manual page 822

Private Key
The private key must be kept safely by the key owner. Accidental publication of
the private key compromises the key pair and renders it useless.
Public Key
The key owner circulates the public key for use by third parties.
42.1.1 Key Authenticity
Because the public key process is in widespread use, there are many public keys in
circulation. Successful use of this system requires that every user be sure that a public
key actually belongs to the assumed owner. The assignment of users to public keys is
confirmed by trustworthy organizations with public key certificates. Such certificates
contain the name of the key owner, the corresponding public key, and the electronic
signature of the person issuing the certificate.
Trustworthy organizations that issue and sign public key certificates are usually part
of a certification infrastructure that is also responsible for the other aspects of certificate
management, such as publication, withdrawal, and renewal of certificates. An
infrastructure of this kind is generally referred to as a public key infrastructure or PKI. One
familiar PKI is the OpenPGP standard in which users publish their certificates
themselves without central authorization points. These certificates become trustworthy when
signed by other parties in the "web of trust."
The X.509 Public Key Infrastructure (PKIX) is an alternative model defined by the
IETF (Internet Engineering Task Force) that serves as a model for almost all publicly
used PKIs today. In this model, authentication is made by certificate authorities (CA)
in a hierarchical tree structure. The root of the tree is the root CA, which certifies all
sub-CAs. The lowest level of sub-CAs issues user certificates. A user certificate is
trustworthy because its certification can be traced to the root CA.
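The hierarchy described above, built and checked with the openssl command-line tool as an added example (not part of the original manual). The CA and user names, file names, key size, and 30-day lifetime are assumptions chosen for the demonstration.

```shell
#!/bin/sh
# Constructed demo PKI: all names, lifetimes and file names are illustrative.

# build_chain DIR: create root CA -> sub-CA -> user certificate in DIR.
build_chain() (
  cd "$1" || exit 1
  cat > pki.cnf <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[ca_ext]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[user_ext]
basicConstraints = critical,CA:FALSE
EOF
  # Root CA: self-signed, so it is its own issuer and the trust anchor.
  openssl req -config pki.cnf -x509 -newkey rsa:2048 -nodes -days 30 \
    -subj "/CN=Example Root CA" -extensions ca_ext \
    -keyout root.key -out root.crt 2>/dev/null &&
  # Sub-CA: key and request made locally, certificate signed by the root.
  openssl req -config pki.cnf -new -newkey rsa:2048 -nodes \
    -subj "/CN=Example Sub CA" -keyout sub.key -out sub.csr 2>/dev/null &&
  openssl x509 -req -in sub.csr -CA root.crt -CAkey root.key -CAcreateserial \
    -days 30 -extfile pki.cnf -extensions ca_ext -out sub.crt 2>/dev/null &&
  # User certificate: signed by the sub-CA and not allowed to sign others.
  openssl req -config pki.cnf -new -newkey rsa:2048 -nodes \
    -subj "/CN=Example User" -keyout user.key -out user.csr 2>/dev/null &&
  openssl x509 -req -in user.csr -CA sub.crt -CAkey sub.key -CAcreateserial \
    -days 30 -extfile pki.cnf -extensions user_ext -out user.crt 2>/dev/null
)

# chain_ok ARGS...: true only if `openssl verify ARGS` reports the cert as OK.
chain_ok() { openssl verify "$@" 2>/dev/null | grep -q ': OK$'; }

# Full path root -> sub-CA -> user. Only the root is trusted; the sub-CA is
# supplied as an untrusted helper that must itself verify against the root.
verify_full_chain() ( cd "$1" && chain_ok -CAfile root.crt -untrusted sub.crt user.crt )

# Same user certificate without the sub-CA: no path to the root can be built.
verify_without_sub() ( cd "$1" && chain_ok -CAfile root.crt user.crt )

demo=$(mktemp -d) && build_chain "$demo" || exit 1
verify_full_chain "$demo" && echo "with sub-CA: traced to root, trusted"
verify_without_sub "$demo" || echo "without sub-CA: no path to root, rejected"
rm -rf "$demo"
```

The user certificate is accepted only when every link up to the self-signed root can be checked, which is why a missing intermediate certificate causes a verification failure even though the certificate itself is valid.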
The security of such a PKI depends on the trustworthiness of the CA certificates. To
make certification practices clear to PKI customers, the PKI operator defines a
certification practice statement (CPS) that defines the procedures for certificate management.
This should ensure that the PKI only issues trustworthy certificates.