Differences between version 6 and revision by previous author of X509.
Other diffs: Previous Major Revision, Previous Revision, or view the Annotated Edit History
| Newer page: | version 6 | Last edited on Tuesday, June 29, 2004 7:59:59 pm | by StuartYeates | Revert |
| Older page: | version 2 | Last edited on Thursday, October 16, 2003 9:22:55 pm | by PerryLorier | Revert |
@@ -1,16 +1,19 @@
-X509 is a standard for defining a DigitalCertificate. It is the signing system used for [SSL].
+X509 is a standard for defining a DigitalCertificate. It is the signing system used for [SSL]. The [X509] PublicKey security model is almost completely incompatible with the [OpenPGP] PublicKey security model, but they serve very different purposes. [X509] is heirarchical and commerce-oriented, whereas [PGP]/[GPG] is massively distributed, very fault tolerant and works using a WebOfTrust
.
Some useful documentation on X509 certificates: http://java.sun.com/products/jdk/1.2/docs/guide/security/cert3.html.
-Some information about how to implement X509
-*
http://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt
-
+Some information about how to implement [
X509]:
http://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt This is also just an interesting read to find out why X509 is such a bizarre standard
Things that use X509 certificates:
-* Various code-signing schemes, such as signed Java ARchives, and Microsoft Authenticode.
-* Various secure E-Mail standards, such as PEM and S/MIME.
+* Various code-signing schemes, such as signed Java ARchives, and Microsoft Authenticode (because these things are built upon [SSL])
.
+* Various secure E-Mail standards, such as [
PEM]
and [
S/MIME] (S/MIME can also use [OpenPGP])
.
* E-Commerce protocols, such as SET.
* MicrosoftWindows
-AddToMe
...
+!!Why you won't find much [X509] information on the [InterNet]
+
+The [X509] standard was developed by the [ITU-T] which changes money for version of the standard, rather than making them freely avaliable over the InterNet
. This is not a problem if you work for a big telecommunications company which has the resources to get you a copy of the standard, but can be a significant barrier to entry for smaller players and OpenSource developers
. This may be a reason for the lack of [X509] support in the open source world, expecially compared to things like [OpenPGP] and other freely avaliable standards
.
+
+----
+CategoryStandards
