Burr, W. E., Federal PKI Concept of Operations, Federal PKI Technical Working Group, November 1995, DRAFT.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....Governments, Government trading partners, benefit recipients, tax payers, citizens, and subscribers of other infrastructures. This document adopts some of the nomenclature defined in the Public Key Infrastructure Study [11] as interpreted and presented in the Federal PKI Concept of Operations [2] (CONOPS) The Federal PKI is organized as a hierarchy for practical and administrative reasons. At the same time, and through the use of cross certificates, it can be traversed as a network of systems. As PKI Technical Working Group PKI TSP D7 2 indicated in the CONOPS [2] trust is delegated ....

....Concept of Operations [2] CONOPS) The Federal PKI is organized as a hierarchy for practical and administrative reasons. At the same time, and through the use of cross certificates, it can be traversed as a network of systems. As PKI Technical Working Group PKI TSP D7 2 indicated in the CONOPS [2], trust is delegated hierarchically and most cross certificates are required to preserve that delegation. The use of special cross certificates can override restrictions imposed on trust and naming space, but their use is limited to leaf CAs to limit the circumvention of restrictions to only ....

[Article contains additional citation context not shown here]

Burr, W. E., Federal PKI Concept of Operations, Federal PKI Technical Working Group, November 1995, DRAFT.

....MISPC is designed to support both hierarchical and networked trust models as shown in Figures 2.1 and 2.2, respectively. In a hierarchical trust model, trust is developed by a CA certifying subordinate CAs which implies the existence of root CA that is trusted by all nodes of the infrastructure [7]. In Figure 2.1, the top most CA is the root CA which issues certificates (indicated by a single headed arrow) to subordinate CAs that may in turn issue certificates to other CAs or CHs. All subordinate CAs and CHs must trust the root CA because all trust developed within the infrastructure ....

.... messageTime [0] GeneralizedTime OPTIONAL, protectionAlg [1] AlgorithmIdentifier OPTIONAL, senderKID [2] KeyIdentifier OPTIONAL, recipKID [3] KeyIdentifier OPTIONAL, transactionID [4] OCTET STRING OPTIONAL, senderNonce [5] OCTET STRING OPTIONAL, recipNonce [6] OCTET STRING OPTIONAL, freeText [7] PKIFreeText OPTIONAL Figure 2.6 ASN.1 Specification of PKIHeader Element. component is conducting multiple PKI transactions. The transactionID field is required by the MISPC for ORA Certificate Registration and Certificate Revocation transaction messages. The senderNonce and recipNonce are ....

[Article contains additional citation context not shown here]

W.E. Burr. TWG--96--102: Public Key Infrastructure (PKI): Technical Specification (Version 2.3): Part C -- Concept of Operations. Federal PKI Technical Working Group, November 1996.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC