Cs Sdk; Support For Open Standards; Certificate Management Formats And Protocols - Red Hat CERTIFICATE SYSTEM 7.2 - ADMINISTRATION Administration Manual

three times as long as the key for standard DES. Because the key size is so large, there are
approximately 3.7 * 10
• RC4 and RC2 and MD5 Message Authentication. The RC4 and RC2 ciphers have 128-bit
encryption, which permits approximately 3.4 * 10
very difficult to crack. RC4 ciphers are faster than RC2 ciphers.
RC4 can use SHA-1 message authentication as well as MD5 message authentication.
• DES and SHA-1 Message Authentication. DES 56-bit encryption permits approximately 7.2
16
* 10 possible keys. This cipher suite is no longer FIPS-compliant because it is too weak
cryptographically.

1.5. CS SDK

The Certificate System Software Development Kit (SDK) includes information for developing new plug-
in modules and for customizing different components of the Certificate System. The CS SDK contains
the following:
• Javadocs. Complete Javadoc specification of the Certificate System Application Programming
Interface (API).
• Samples. Sample source code of different plug-in modules included with the Certificate System.
This source code is included only for reference and is only to demonstrate how a particular
Certificate System feature was implemented. Since this code is currently present in the Certificate
System, it does not need to be recompiled.
• Tutorials. A tutorial to demonstrate how to create custom plug-in modules for the Certificate System.
Each tutorial includes sample Java™ source code, environment, build script, and a detailed
instructions for building and installing the plug-in modules. Some tutorials also contain sample
configuration files.

1.6. Support for Open Standards

This section lists the standard message formats and protocols supported by the Certificate System.

1.6.1. Certificate Management Formats and Protocols

The Certificate System supports the following certificate management formats and protocols. For more
details about the proposed PKIX standards listed here, see
charter.html under Internet Drafts.
• Certificate Request Message Format (CRMF). A message format to send a certificate request to a
CA. A standard from the Internet Engineering Task Force (IETF) PKIX working group.
• Certificate Management Message Formats (CMMF). Message formats to send certificate requests
and revocation requests from end entities to a CA and to return information to end entities. A
proposed standard from the IETF PKIX working group. CMMF has been subsumed by another
standard, CMC.
• Certificate Management Messages over CS (CMC). A general interface to public-key certification
products based on CS and PKCS #10, including a certificate enrollment protocol for RSA-signed
50
possible keys. This cipher suite is FIPS-compliant.
38
possible keys. This makes RC4 or RC2 keys
http://www.ietf.org/html.charters/pkix-
CS SDK
21