PKI notes

brief introduction ：PKI, Full name Public Key Infrastructure, Public key infrastructure .
With symmetric encryption and asymmetric encryption as PKI The bedding of , stay PKI With the support of （ Certificate and issuing authority ）, It enables secure communication between previously unknown parties around the world , It is one of the basic topics in the application of cryptography and secure communication .

Basic components of public key infrastructure ：

1. certificate ： An endorsed copy of a personal public key containing specific identification information , Subject to international standards X.509 Control . Provide assurances from both parties to the communication .
2. Issuing authority （CA）： Combine public infrastructure , A neutral institution that provides digital certificate notarization services .
3. Registered institution （RA）： To share the CA The burden of verifying users before issuing digital certificates , Although it does not directly issue certificates , But it plays an important role in the certification process , Allow remote authentication of users .

Other cryptographic concepts related to the implementation of secure global communications
Certificate generation and destruction ：1. register 2. verification 3. Cancellation
Certificate cancellation list （CRL）
Online Certificate Status Protocol （OCSP）

Summary ： Public key infrastructure （PKI） Through the issuing authority （CA） Generate digital certificates , It contains the public key and digital signature of the system user , The digital certificate relies on the combination of public key encryption and hash function

stay CISSP Preparing for the exam , We should mainly understand ： Issuing authority （CA） Generate a digital certificate containing the system public key , Users then distribute these certificates to the people they want to communicate with , For certificate recipient CA Public key authentication certificate for .