Get the LinuxSecurity news you want faster with RSS
Powered By
Security Dictionary
Can't tell 'smtp' from 'snmp'? Find the precise meaning of these and hundreds of other security-related terms in our convenient and up-to-date Security Dictionary.
registration
(I) An administrative act or process whereby an entity's name and
other attributes are established for the first time at a CA, prior
to the CA issuing a digital certificate that has the entity's name
as the subject. (See: registration authority.)
(C) Registration may be accomplished either directly, by the CA,
or indirectly, by a separate RA. An entity is presented to the CA
or RA, and the authority either records the name(s) claimed for
the entity or assigns the entity's name(s). The authority also
determines and records other attributes of the entity that are to
be bound in a certificate (such as a public key or authorizations)
or maintained in the authority's database (such as street address
and telephone number). The authority is responsible, possibly
assisted by an RA, for authenticating the entity's identity and
verifying the correctness of the other attributes, in accordance
with the CA's CPS.
(C) Among the registration issues that a CPS may address are the
following [R2527]:
- How a claimed identity and other attributes are verified.
- How organization affiliation or representation is verified.
- What forms of names are permitted, such as X.500 DN, domain
name, or IP address.
- Whether names are required to be meaningful or unique, and
within what domain.
- How naming disputes are resolved, including the role of
trademarks.
- Whether certificates are issued to entities that are not
persons.
- Whether a person is required to appear before the CA or RA, or
can instead be represented by an agent.
- Whether and how an entity proves possession of the private key
matching a public key.
