1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-08 21:18:51 +01:00
gnupg/doc/glossary.texi

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

73 lines
2.6 KiB
Plaintext
Raw Normal View History

2004-06-29 09:16:40 +02:00
@c Copyright (C) 2004 Free Software Foundation, Inc.
@c This is part of the GnuPG manual.
@c For copying conditions, see the file gnupg.texi.
@node Glossary
@unnumbered Glossary
@table @samp
@item ARL
The @emph{Authority Revocation List} is technical identical to a
@acronym{CRL} but used for @acronym{CA}s and not for end user
certificates.
@item Chain model
Verification model for X.509 which uses the creation date of a
signature as the date the validation starts and in turn checks that each
certificate has been issued within the time frame, the issuing
certificate was valid. This allows the verification of signatures after
2009-07-22 15:33:46 +02:00
the CA's certificate expired. The validation test also required an
online check of the certificate status. The chain model is required by
the German signature law. See also @emph{Shell model}.
@item CMS
The @emph{Cryptographic Message Standard} describes a message
format for encryption and digital signing. It is closely related to the
X.509 certificate format. @acronym{CMS} was formerly known under the
name @code{PKCS#7} and is described by @code{RFC3369}.
2004-06-29 09:16:40 +02:00
@item CRL
2006-09-22 20:15:18 +02:00
The @emph{Certificate Revocation List} is a list containing
2004-06-29 09:16:40 +02:00
certificates revoked by the issuer.
@item CSR
The @emph{Certificate Signing Request} is a message send to a CA to
ask them to issue a new certificate. The data format of such a signing
request is called PCKS#10.
@item OpenPGP
A data format used to build a PKI and to exchange encrypted or
signed messages. In contrast to X.509, OpenPGP also includes the
2009-07-22 15:33:46 +02:00
message format but does not explicitly demand a specific PKI. However
any kind of PKI may be build upon the OpenPGP protocol.
@item Keygrip
This term is used by GnuPG to describe a 20 byte hash value used
to identify a certain key without referencing to a concrete protocol.
It is used internally to access a private key. Usually it is shown and
entered as a 40 character hexadecimal formatted string.
2004-06-29 09:16:40 +02:00
@item OCSP
The @emph{Online Certificate Status Protocol} is used as an
alternative to a @acronym{CRL}. It is described in @code{RFC 2560}.
@item PSE
The @emph{Personal Security Environment} describes a database to
store private keys. This is either a smartcard or a collection of files
on a disk; the latter is often called a Soft-PSE.
2004-06-29 09:16:40 +02:00
@item Shell model
The standard model for validation of certificates under X.509. At the
2009-07-22 15:33:46 +02:00
time of the verification all certificates must be valid and not expired.
See also @emph{Chain model}.
@item X.509
Description of a PKI used with CMS. It is for example
defined by @code{RFC3280}.
2004-06-29 09:16:40 +02:00
@end table