818
Netscape Certificate Management System Administrator’s Guide • February 2003
Data Encryption Standard (DES)
A FIPS-approved cryptographic algorithm
required by FIPS 140-1 and specified by FIPS PUBS 46-2. DES, which uses 56-bit
keys, is a standard encryption and decryption algorithm that has been used
successfully throughout the world for more than 20 years. See also FIPS PUBS
140-1. For detailed information, see
http://www.itl.nist.gov/div897/pubs/fip46-2.htm
.
delta CRL
A CRL containing a list of those certificates that have been revoked
since the last full CRL was issued.
digital ID
See certificate.
digital signature
To create a digital signature, the signing software first creates a
one-way hash from the data to be signed (such as a newly issued certificate). The
one-way hash is then encrypted with the private key of the signer. The resulting
digital signature is unique for each piece of data signed. Even a single comma
added to a message changes the digital signature for that message. Successful
decryption of the digital signature with the signer’s public key and comparison
with another hash of the same data provides tamper detection. Verification of the
certificate chain for the certificate containing the public key provides
authentication of the signer. See also nonrepudiation, encryption.
Digital Signature Algorithm (DSA)
A FIPS-approved cryptographic algorithm
specified by the Digital Signature Standard (DSS), FIPS PUBS 186. DSA is a
standard algorithm used to create digital signatures. For detailed information, see
http://www.itl.nist.gov/div897/pubs/fip186.htm
.
distribution points
Used for CRLs to define a set of certificates. Each distribution
point is defined by a set of certificates that are issued. A CRL can be created for a
particular distribution point.
distinguished name (DN)
A series of AVAs that identify the subject of a
certificate. See attribute value assertion (AVA).
DSA
See Digital Signature Algorithm (DSA).
dual key pair
Two public-private key pairs--four keys altogether--corresponding
to two separate certificates. The private key of one pair is used for signing
operations, and the public and private keys of the other pair are used for
encryption and decryption operations. Each pair corresponds to a separate
certificate. See also encryption key, public-key cryptography, signing key.
Summary of Contents for Certificate Management System 6.1
Page 1: ...Administrator s Guide Netscape Certificate Management System Version6 1 February 2003...
Page 28: ...Documentation 28 Netscape Certificate Management System Administrator s Guide February 2003...
Page 82: ...Uninstalling CMS 82 Netscape Certificate Management System Administrator s Guide February 2003...
Page 382: ...ACL Reference 382 Netscape Certificate Management System Administrator s Guide February 2003...
Page 794: ...Managing Certificates 794 Managing Servers with Netscape Console December 2001...
Page 810: ...The SSL Handshake 810 Managing Servers with Netscape Console December 2001...
Page 828: ...828 Netscape Certificate Management System Administrator s Guide February 2003...