Active Directory Services
Certification Authority
Certificate Revocation List
Certificate Revocation Request
Certificate Signing Request
DeMilitarized Zone is an area which is isolated from the inner and outer network of a firewall system. It is used to place servers in a protected area which has no direct access to the inner and outer network but can offer its services to people or systems in both areas. This is a very short description. Please consult specialized books or, even better, humans if you have absolutely no idea how firewall systems work. This is really security relevant.
Distinguished Name
The Global Unique IDentifier is a 16-byte string for an object in the ADS. Every domain controller has such a GUID, for example, and it must be present in the certificates of these domain controllers.
is nothing else than HTTP through an SSL or TLS tunnel. It protects the communication between an HTTP server and a browser. It was the first application for SSL and is probably the world's most widely used SSL application today.
is nothing else than IMAP through an SSL or TLS tunnel. It protects the communication between a mail server and a mail user agent when the user reads and manages their mail.
Lightweight Directory Access Protocol
Level Of Assurance defines the quality of the identification of the certificate owner. Sometimes it is useful to know how the owner of a certificate was identified. Would you send money because of a signed mail if the owner was identified via email?
Mail Transfer Agent - a tool to send mail to other users or mail servers, e.g. Mozilla, Outlook (Express). Sendmail can be an MTA too if it acts as a client.
Mail User Agent - e.g. Mozilla, Outlook (Express). This is the tool which a user uses to read and handle their mail.
This is the management interface for an OpenCA installation on one machine.
Public Key Cryptography Standards are developed by RSA Security. They are widely accepted in the PKI area.
defines the ASN.1 structure of a certificate signing request.
is nothing else than POP through an SSL or TLS tunnel. It protects the communication between a mail server and a mail user agent when the user reads and manages their mail.
Registration Authority
Simple Certificate Enrollment Protocol was developed by Cisco and is used to handle the communication between a PKI and network components such as routers, switches and other (perhaps software) VPN components.
Secure MIME is a standard which defines how secured emails must be formatted. Please check the listed RFCs to find references to more detailed descriptions.
Simple Mail Transfer Protocol is used by mail servers like sendmail to exchange mail. The protocol is used for mail transfer from simple MTAs like Mozilla to servers like sendmail and for transfers from server to server.
is nothing else than SMTP through a TLS tunnel. It protects the communication between a mail server and a mail user agent when the user reads and manages their mail.
Signed Public Key And Challenge is a standard for CSRs from Netscape.
Secure Socket Layer is a transport layer security protocol. It was one of the first certificate-based security protocols for tunneling. Netscape developed this protocol for its web browser Navigator. TLS is the standardized successor of this protocol. Today the versions 2 and 3 are still widely used and supported.
The subject of a certificate or of a request is the name of the certificate or request. The subject is a distinguished name and looks like “cn=Jon Doe, ou=Sales, o=startup, c=us”.
A symlink is nothing else than a symbolic link. Such links are usually created by OpenCA with ln -s. We always try to avoid the shortcut but sometimes we are simply too fast ;-)
Transport Layer Security is a transport layer security protocol. It is the standardized successor of SSL. All modern browsers use this protocol, but it can be used to tunnel any other TCP-based service.
Trusted Third Party is usually a trustworthy external CA.
The Universal Principal Name is the user account plus the domain name. They are connected with an at-sign @. Example: john_doe@company.com.