X509 is a standard for defining a DigitalCertificate. It is the signing system used for SSL. The X509 PublicKey security model is almost completely incompatible with the OpenPGP PublicKey security model, but they serve very different purposes. X509 is heirarchical and commerce-oriented, whereas PGP/GPG is massively distributed, very fault tolerant and works using a WebOfTrust.

Some useful documentation on X509 certificates: http://java.sun.com/products/jdk/1.2/docs/guide/security/cert3.html.

Some information about how to implement X509

• http://www.cs.auckland.ac.nz/pgut001/pubs/x509guide.txt

This is also just an interesting read to find out why X509 is such a bizarre standard

Things that use X509 certificates:

• Various code-signing schemes, such as signed Java ARchives, and Microsoft Authenticode.
• Various secure E-Mail standards, such as PEM and S/MIME.
• E-Commerce protocols, such as SET.
• MicrosoftWindows

AddToMe...

CategoryStandards