Exam 3: Essential Public Key Infrastructure

Digital signature provides not only data origin authentication but also data ____.

Briefly describe the main characteristics of an authority revocation list.

A CA certificate signed by another CA's private key is referred as a(n) ____ .

The ____ is intended for displaying information to a replying party when a certificate is used.

A(n) ____ creates key pairs and also implements backup and recovery of private keys.

____ is a critical extension only applicable for CA certificates. It is composed of two fields called permitted subtrees and excluded subtrees.

The ____ phase ensures that the private key and public key certificates created are used correctly and efficiently in the PKI community.

If a CA creates a certificate that is signed by its own private key, it is commonly known as a(n) ____.

____ authentication means that only a single assurance method is used for authentication.

The fundamental premise of public key cryptography is to provide secure communication between strangers.

Key and certificate life cycle management must be in place to enable public key cryptography to be used correctly.

What are the general requirements a security infrastructure must satisfy?

____ is a publishing method in which revocation information is updated and posted for entities in the PKI community to obtain.

____________________ is the assurance that an entity is who it claims to be.

Alice is sending a message to Bob. How can Alice ensure data integrity?

What are the steps required to use a CRL DP?

What are the three most common methods for implementing Delta CRL?

What are the four assurance methods? Give examples of each.

The _________________________ is the centerpiece and the most critical component of a PKI.

The PKIX Working Group was established in the fall of 1995 under the standard organization ____.