ServersNew in W2K: Public Key Infrastructure services Page 2

New in W2K: Public Key Infrastructure services Page 2




Bart Teunis

Standards supported by W2K

Standard What it defines Why it matters
X.509 version 3 Format and content of digital certificates Without a standard for certificate formats, there’s no way
to exchange certificates between vendors
CRL version Formats and content of certificate revocation lists Sites need to have a way to interchange revocation information
PKCS family Format and behavior for Public key exchange and distribution Allows different vendors’ implementations to request and move
certificates in a way that all understand
PKIX Format and behavior for Public key exchange and distribution PKIX is an emerging PKI standard that many major vendors and
enterprises are adopting in place of the PKCS standard
SSL version 3 Encryption for web sessions SSL in the best-known and most widely used security protocol
on the internet , but it’s subject to export controls
SGC Provides SSL-like security without export complications SGC allows full 128-bit security and is exportable for certain
uses
IPSec Encryption for network sessions using the internet protocol
(IP)
IPSec promises to offer transparent and automatic encryption
of network connections
PKINIT Emerging standard for using Public keys to log on to networks
that use the Kerberos authentication protocol
Kerberos identifies users on the network; PKINIT allows
Kerberos
to use digital certificates on smart cards as credentials
PG/SC Standard for interfacing to smart cards Any vendor’s smart cards that adhere to this standard can
be used under W2K without the need for proprietary software

Latest Posts

Related Stories