Netscape MANAGEMENT SYSTEM 4.5 Installation And Setup Manual page 838

certificate fingerprint A one-way hash associated with a certificate. The number
is not part of the certificate itself, but is produced by applying a hash function to
the contents of the certificate. If the contents of the certificate changes, even by a
single character, the same function produces a different number. Certificate
fingerprints can therefore be used to verify that certificates have not been tampered
with.
Certificate Management Messages over Cryptographic Message Syntax (CMC)
Message format used to convey a request for a certificate to a Registration Manager
or Certificate Manager. A proposed standard from the Internet Engineering Task
Force (IETF) PKIX working group. For detailed information, see
.
http://www.ietf.org/internet-drafts/draft-ietf-pkix-cmc-02.txt
Certificate Management Message Formats (CMMF) Message formats used to
convey certificate requests and revocation requests from end entities to a
Registration Manager or Certificate Manager and to send a variety of information
to end entities. A proposed standard from the Internet Engineering Task Force
(IETF) PKIX working group. CMMF is subsumed by another proposed standard,
Certificate Management Messages over Cryptographic Message Syntax (CMC). For
detailed information, see
.
http://www.ietf.org/internet-drafts/draft-ietf-pkix-cmmf-02.txt
Certificate Manager An independent CMS subsystem capable of acting as a
stand-alone certificate authority. A Certificate Manager instance issues, renews,
and revokes certificates, which it can publish along with CRLs to an LDAP
directory. It can be configured to accept requests from end entities, Registration
Managers, or both. When set up to work with a separate Registration Manager, the
Certificate Manager processes requests and returns the signed certificates to the
Registration Manager. See certificate authority (CA).
Certificate Manager agent A user who belongs to a group authorized to manage
agent services for a Certificate Manager. These services include the ability to access
and modify (approve and reject) certificate requests and issue certificates.
Certificate Request Message Format (CRMF) Format used for messages related
to life-cycle management of X.509 certificates. This format is a subset of CMMF. See
also Certificate Management Message Formats (CMMF). For detailed information,
see .
ftp://ftp.isi.edu/in-notes/rfc2511.txt
certificate revocation list (CRL) As defined by the X.509 standard, a list of
revoked certificates by serial number, generated and signed by a certificate
authority (CA).
838 Netscape Certificate Management System Installation and Setup Guide • October 2001