|
OpenCA, officially the OpenCA PKI Research Labs and formerly the OpenCA Project, is a PKI collaborative effort to develop a robust, full-featured and Open Source out-of-the-box Certification Authority implementing the most used protocols with full-strength cryptography. OpenCA is based on many Open-Source Projects. Among these there are OpenLDAP, OpenSSL and Apache Project. The project development is divided into two main tasks: studying and refining the security scheme that guarantees the best model to be used in a Certification Authority and developing software to easily set up and manage a Certification Authority. The software development side of the project is further divided into the following sub-projects: * ''(OpenCA PKI )'', a full featured PKI package. * ''(LibPKI )'', a library for PKI application development. * ''(OpenCA OCSPD )'', a small, robust Online Certificate Status Protocol daemon. * ''(PRQPD Server )'', a PKI Resource Query Protocol daemon for use in conjunction with the PKI package. * ''OpenCA-ng'', a planned project to implement new features and overcome limitations of the current project. (ng stands for "Next Generation") == OpenCA PKI == Public Key Infrastructures (PKIs) are one of the most widely accepted musts of the future. The problem is that most applications can be secured with certificates and keys but it is difficult and sometimes expensive to set up PKIs, the reason being that flexible trustcenter software is expensive. This was the starting point of OpenCA. OpenCA started in 1999. The first idea consisted of three major parts - a Perl web interface, an OpenSSL backend for the cryptographic operation and a database. This simple concept is still developers motto today. Nearly all operations can be performed via some web interface. It has six preconfigured interfaces and many more can be created from them, depending on the need. The cryptographic backend is OpenSSL, which is in no way a disadvantage. OpenCa is aimed to build the organizational infrastructure for a PKI. OpenCa’s databases store all the needed information about the users' cryptographic objects like Certificate Signing Requests (CSRs), Certificates, Certificate Revocation Requests (CRRs) and Certificate Revocation Lists (CRLs). 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「OpenCA」の詳細全文を読む スポンサード リンク
|