Siemens SINAUT MD741-1 System Manual page 150

Egprs/gprs-router

Hide thumbs Also See for SINAUT MD741-1:

System manual (137 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

page of 150

/ 150
Contents
Table of Contents
Bookmarks

Table of Contents

Glossary

X.509

150

A kind of "seal" which proves the authenticity of a Public Key (

asymmetrical encryption) and appendant data.

So that the user of the public key for encryption can be certain that the

public key conveyed to him really does come from its issuer and hence

from the entity that is to receive the data to be sent, certification can be

used. This verification of the authenticity of the public key and the

consequent link between the identity of the issuer and his key is

performed by a Certification Authority or CA. This is done according to

the rules of the CA, for example by the issuer of the public key being

required to appear in person. Following successful inspection the CA

signs the public key with its (digital) signature. A certificate is created.

An X.509(v3) certificate therefore contains a public key, information

about the key owner (given as Distinguished Name (DN)), permitted

designated uses, etc. and the signature of the CA.

The signature is created as follows: from the bit sequence of the public

key, the data on its owner and other data, the CA creates an individual

bit sequence which can be up to 160 bits long, the HASH value. This is

encrypted by the CA using its private key and added to the certificate.

Encryption with the CA's private key is proof of authenticity, i.e. the

encrypted HASH character sequence is the digital signature of the CA.

Should the data of the certificate be changed without authorization, the

HASH value is no longer correct and the certificate then becomes

worthless.

The HASH value is also known as the fingerprint. As it is encrypted

with the private key of the CA, anyone in possession of the

corresponding public key can decrypt the bit sequence and thus check

the authenticity of the fingerprint or signature in question.

Involving certification authorities means that not every key owner

needs to know the other one, but only the certification authority used.

The additional key information also simplifies the administrability of the

key.

X.509 certificates are employed, e.g. in e-mail encryption, using

S/MIME or IPsec.

SINAUT MD741-1

C79000-G8976-C236-05

Table of Contents

Siemens SINAUT MD741-1 System Manual page 150

Related Manuals for Siemens SINAUT MD741-1

Related Products for Siemens SINAUT MD741-1

Table of Contents