D-Link DWS-1008 - AirPremier MobileLAN Switch Product Manual page 485

pairwise transient key - See PTK.
PAT - Port address translation. A type of network address translation (NAT) in which each computer on
a LAN is assigned the same IP address, but a different port number. See also NAT.
PEAP - Protected Extensible Authentication Protocol. A draft extension to the Extensible Authentication
Protocol with Transport Layer Security (EAP-TLS), developed by Microsoft Corporation, Cisco Systems,
and RSA Data Security, Inc. TLS is used in PEAP Part 1 to authenticate the server only, and thus
avoids having to distribute user certificates to every client. PEAP Part 2 performs mutual authentication
between the EAP client and the server. Compare EAP-TLS.
PEM - Privacy-Enhanced Mail. A protocol, defined in RFC 1422 through RFC 1424, for transporting
digital certificates and certificate signing requests over the Internet. PEM format encodes the certificates
on the basis of an X.509 hierarchy of certificate authorities (CAs). Base64 encoding is used to convert
the certificates to ASCII text, and the encoded text is enclosed between BEGIN CERTIFICATE and
END CERTIFICATE delimiters.
Per-VLAN Spanning Tree protocol - See PVST+.
PIM - Protocol Independent Multicast protocol. A protocol-independent multicast routing protocol that
supports thousands of groups, a variety of multicast applications, and existing Layer 2 subnetwork
technologies. PIM can be operated in two modes: dense and sparse. In PIM dense mode (PIM-DM),
packets are flooded on all outgoing interfaces to many receivers. PIM sparse mode (PIM-SM) limits data
distribution to a minimal number of widely distributed routers. PIM-SM packets are sent only if they are
explicitly requested at a rendezvous point (RP).
PKCS - Public-Key Cryptography Standards. A group of specifications produced by RSA Laboratories
and secure systems developers, and first published in 1991. Among many other features and functions,
the standards define syntax for digital certificates, certificate signing requests, and key transportation.
PKI - Public-key infrastructure. Software that enables users of an insecure public network such as the
Internet to exchange information securely and privately. The PKI uses public-key cryptography (also
known as asymmetric cryptography) to authenticate the message sender and encrypt the message by
means of a pair of cryptographic keys, one public and one private. A trusted certificate authority (CA)
creates both keys simultaneously with the same algorithm. A registration authority (RA) must verify the
certificate authority before a digital certificate is issued to a requestor.
The PKI uses the digital certificate to identify an individual or an organization. The private key is given
only to the requesting party and is never shared, and the public key is made publicly available (as part
of the digital certificate) in a directory that all parties can access. You use the private key to decrypt text
that has been encrypted with your public key by someone else. The certificates are stored (and, when
necessary, revoked) by directory services and managed by a certificate management system. See also
certificate authority (CA); registration authority (RA).
D-Link DWS-1008 User Manual