Standards supported by W2K
Standard | What it defines | Why it matters |
X.509 version 3 | Format and content of digital certificates | Without a standard for certificate formats, there’s no way to exchange certificates between vendors |
CRL version | Formats and content of certificate revocation lists | Sites need to have a way to interchange revocation information |
PKCS family | Format and behavior for Public key exchange and distribution | Allows different vendors’ implementations to request and move certificates in a way that all understand |
PKIX | Format and behavior for Public key exchange and distribution | PKIX is an emerging PKI standard that many major vendors and enterprises are adopting in place of the PKCS standard |
SSL version 3 | Encryption for web sessions | SSL in the best-known and most widely used security protocol on the internet , but it’s subject to export controls |
SGC | Provides SSL-like security without export complications | SGC allows full 128-bit security and is exportable for certain uses |
IPSec | Encryption for network sessions using the internet protocol (IP) |
IPSec promises to offer transparent and automatic encryption of network connections |
PKINIT | Emerging standard for using Public keys to log on to networks that use the Kerberos authentication protocol |
Kerberos identifies users on the network; PKINIT allows Kerberos to use digital certificates on smart cards as credentials |
PG/SC | Standard for interfacing to smart cards | Any vendor’s smart cards that adhere to this standard can be used under W2K without the need for proprietary software |