Professional Documents
Culture Documents
509 Certificate
Introduction
An X.509 certificate is a digital certificate that uses X.509 public key infrastructure
(PKI) standard to verify that a public key belongs to the user.
Used for identity validation and for transmission of encrypted data that only the
owner of certificate is able to decrypt
This tells the application or server that the entity trying to access it is legitimate
History of X.509
X.509 was initially issued on July 3, 1988 and was begun in association with the X.500
standard.
It assumes a strict hierarchical system of certificate authorities (CAs) for issuing the
certificates.
However,the X.509 trust model has survived and has been largely adopted in the Internet.
The first adoption of this trust model goes back to the X.509 implementation of SSL for
the Web browser Netscape in 1994
Entities in X.509 certificate management.
To do this, it first generates a key pair, keeping the private key secret and using it to sign
the CSR. This contains information identifying the applicant and the applicant's public key
that is used to verify the signature of the CSR. The CSR may be accompanied by other
credentials or proofs of identity required by the certificate authority.
1. Fundamental thought -> Each RP confides in a CA, which guarantees different CAs for
its RPs
3. Trust connections between CAs are formalized utilizing cross authentications issued to
each other.
1. Inter-CA Trust Topologies(contd.)
2. Recognition by an RP or an
independent TTP
1. Fundamental thought -> users in a given community can obtain advice from the leader
of this community about the relevance of certificates for their electronic transactions.
2. The recommenders create a list of minimum requirements and recognize all CAs whose
certificates have assurance levels greater than the minimum requirements.
3. The trust list topology may be built using a political process called the cross recognition
process.
2. Recognition by an RP or an
independent TTP(contd.)
2. The independence of the recommender from CAs and the absence of need to build
certification paths for the validation of certificates, the recognition approach is more
convenient.
3.Trust Framework Architectural
Model(TLoCERT calculation)
1. Fundamental thought -> Determining the factors which have an influence on certificate
trustworthiness is a main task for computing its trust level.
2. The TLoCert calculation method involves quantitatively measuring this trust level.
A. Computing RoCERT -> Three ratings (RoCERT) 0, 0.5, I which are assigned to the
certificate and express its initial correctness evaluation.
RepScore = a*rtg+(1-a)OldRepScore
3.Trust Framework Architectural
Model(TLoCERT calculation)
2)Evaluating a SLoCA
The SLoCA values are 1,0.5, and ° that correspond to strong, medium, and weak.
3)Determining TLoCA
1. X.509 certificates have been largely adopted today by many people and organizations
for proving their identities.
2. So the reliability and trust levels of these certificates come into question.
3. As a solution, different trust models were proposed and we did a survey on thee
models so as to evaluate each one of these.