Get the LinuxSecurity news you want faster with RSS
Powered By
Security Dictionary
Can't tell 'smtp' from 'snmp'? Find the precise meaning of these and hundreds of other security-related terms in our convenient and up-to-date Security Dictionary.
certificate rekey
(I) The act or process by which an existing public-key certificate
has its public key value changed by issuing a new certificate with
a different (usually new) public key. (See: certificate renewal,
certificate update, rekey.)
(C) For an X.509 public-key certificate, the essence of rekey is
that the subject stays the same and a new public key is bound to
that subject. Other changes are made, and the old certificate is
revoked, only as required by the PKI and CPS in support of the
rekey. If changes go beyond that, the process is a "certificate
update".
(O) MISSI usage: To rekey a MISSI X.509 public-key certificate
means that the issuing authority creates a new certificate that is
identical to the old one, except the new one has a new, different
KEA key; or a new, different DSS key; or new, different KEA and
DSS keys. The new certificate also has a different serial number
and may have a different validity period. A new key creation date
and maximum key lifetime period are assigned to each newly
generated key. If a new KEA key is generated, that key is assigned
a new KMID. The old certificate remains valid until it expires,
but may not be further renewed, rekeyed, or updated.
