- someone who is to use a certificate at, for example, https://www.google.com (note the https), may make a CRM or Certificate Request Message with OpenSSL (OpenSSL is a tool for experimenting with making CRMs, etc.)
- the party hosting the secure content will have a CA (certificate authority) which takes a CRM (from the party who wants to use its service) and hands back a certificate
- the certificate handed back is a PEM (Privacy Enhanced Mail)
- a PFK (Personal Exchange Format) may then be made by the requester from both the requester's private key and the PEM it just got back from the CA
- either the PEM with a private key and password may be handed to a secure party for authentication, or a PFK with a pasword may be used too
- something used often in this back and forth process, Modified Base 64 as an encoding differs from Base 64 in that the equal signs are replaced with underscores and spaces are replaced with plus symbols (and so on) to make the protocol friendly for sending messages over the URL line
Addendum 8/27/2015: I think PFK should really be PFX in these notes.
No comments:
Post a Comment