Welcome to Linux Knowledge Base and Tutorial
"The place where you learn linux"
Glossary of PKI Terms



Asymmetric Cryptography

This form of cryptography uses a Key Pair: a Private Key and a Public Key. The Private Key is kept secret and the Public Key is widely distributed.



A Data Record that contains the information as defined in the X.509 Format.

Certificate Authority (CA)

Issuer of the Digital Certificate. Also validates the Identity of the End-Entity that possesses the Digital Certificate.

Certificate Signing Request (CSR)

A Certificate Signing Request (CSR) is what you send to a Certificate Authority (CA) to get enrolled. A CSR contains the Public Key of the End-Entity that is requesting the Digital Certificate.

Common Name (CN)

Common Name is the name of the End-Entity, e.g. Saqib Ali. If the End-Entity is a WebServer, the CN is the Fully Qualified Domain Name (FQDN) of the WebServer.


Digital Certificate

A certificate that binds a Public Key to a Subject (End-Entity). This certificate also contains other identifying information about the subject as defined in the X.509 Format. It is signed by the Issuing CA, using the CA's Private Key.

Digital Signature

A Digital Signature is created by signing the Message Digest (Message Hash) using the Private Key. It ensures the Identity of the Sender, and the Integrity of the Data.



End-Entity

An entity that participates in the PKI. Usually a Server, Service, Router, or a Person. A CA is not an End-Entity. An RA is an End-Entity to the CA.



Hash

A hash is a hexadecimal number generated from a string of text such that no two different strings can produce the same hash.

HMAC: Keyed Hashing for Message Authentication

HMAC is an implementation of a Message Authentication Code algorithm.


Message Authentication Code

Similar to a Message Digest (Hash/Fingerprint), except that a Shared Secret Key is used in the process of calculating the Hash. Since a shared secret key is used, an attacker cannot change the Message Digest. However, the shared secret key has to be communicated to the participating entities first, unlike a Digital Signature, where the Message Digest is signed using the Private Key. HMAC is an example of a Message Authentication Code algorithm.
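The difference between a plain Message Digest and a Message Authentication Code, as an added example that is not part of the original glossary. The key and messages are constructed sample values, and SHA-256 is used as the underlying hash (an assumption of this example; the glossary itself lists MD5 and SHA-1).

```python
import hashlib
import hmac

# Constructed sample values for illustration only.
SHARED_KEY = b"constructed-demo-key-not-for-real-use"
MESSAGE = b"transfer 100 to account 42"
FORGED = b"transfer 900 to account 66"


def digest(message: bytes) -> str:
    """Plain message digest: anyone can compute it, no key involved."""
    return hashlib.sha256(message).hexdigest()


def mac(key: bytes, message: bytes) -> str:
    """HMAC-SHA256 tag: computing it requires the shared secret key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_digest(message: bytes, received_digest: str) -> bool:
    return hmac.compare_digest(digest(message), received_digest)


def verify_mac(key: bytes, message: bytes, received_tag: str) -> bool:
    # compare_digest runs in constant time, so the comparison does not
    # leak how many leading characters of the tag were correct.
    return hmac.compare_digest(mac(key, message), received_tag)


def rewrite_in_transit(message: bytes) -> tuple[bytes, str, str]:
    """Model a party without the shared key replacing the message.
    The plain digest can simply be recomputed; the MAC tag cannot,
    so it is produced here with a guessed (wrong) key."""
    guessed_key = b"constructed-wrong-key"
    return message, digest(message), mac(guessed_key, message)


if __name__ == "__main__":
    honest_tag = mac(SHARED_KEY, MESSAGE)
    forged_msg, forged_digest, forged_tag = rewrite_in_transit(FORGED)
    print("honest MAC verifies:   ", verify_mac(SHARED_KEY, MESSAGE, honest_tag))
    print("forged digest verifies:", verify_digest(forged_msg, forged_digest))
    print("forged MAC verifies:   ", verify_mac(SHARED_KEY, forged_msg, forged_tag))
```

The receiver accepts the recomputed plain digest for the replaced message but rejects its MAC tag, which is why a bare digest only detects accidental corruption while a MAC detects deliberate modification.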

Message Digest 5 - MD5

Message Digest 5 (MD5) is a 128-bit one-way hash function.


Private Key

The Private Key is the Key in Asymmetric Cryptography that is kept secret by the owner (End-Entity). It can be used for encryption or decryption.

Public Key

The Public Key is the Key in Asymmetric Cryptography that is widely distributed. It can be used for encryption or decryption.

Public Key Infrastructure (PKI)

Public Key Infrastructure


SHA-1: Secure Hash Algorithm

Secure Hash Algorithm (SHA-1) is a 160-bit one-way hash function. The maximum message length is 2^64 bits.

Secure Socket Layer (SSL)

Secure Socket Layer (SSL) is a security protocol that provides authentication (Digital Certificate), confidentiality (encryption), and data integrity (Message Digest - MD5, SHA etc).

Symmetric Cryptography

In this form of cryptography the message is encrypted and decrypted by the same key. (n^2 - n)/2 keys are required for n users who want to participate in this system of cryptography.

All logos and trademarks in this site are property of their respective owner. The comments are property of their posters. Articles are the property of their respective owners. Unless otherwise stated in the body of the article, article content (C) 1994-2013 by James Mohr. All rights reserved. The stylized page/paper, as well as the terms "The Linux Tutorial", "The Linux Server Tutorial", "The Linux Knowledge Base and Tutorial" and "The place where you learn Linux" are service marks of James Mohr. All rights reserved.