翻訳と辞書
Words near each other
・ Scythe-Meister
・ Scythed chariot
・ Scythemarked butterflyfish
・ Scythes
・ Scythia
・ Scythia Minor
・ Scythian (band)
・ Scythian art
・ Scythian Lamb
・ Scutus unguis
・ Scutus virgo
・ Scuzz
・ SCV
・ SCV Magicians
・ SCVNGR
SCVP
・ SCW
・ SCW Brass Knuckles Championship
・ SCW Diva Championship
・ SCW Heavyweight Championship
・ SCW Heavyweight Championship (Georgia)
・ SCW Junior Heavyweight Championship
・ SCW North Carolina Championship
・ SCW Southwest Brass Knuckles Championship
・ SCW Southwest Heavyweight Championship
・ SCW Southwest Junior Heavyweight Championship
・ SCW Tag Team Championship
・ SCW Tag Team Championship (Georgia)
・ SCW World Heavyweight Championship
・ SCW World Tag Team Championship


Dictionary Lists
翻訳と辞書 辞書検索 [ 開発暫定版 ]
スポンサード リンク

SCVP : ウィキペディア英語版
SCVP

The Server-based Certificate Validation Protocol (SCVP) is an Internet protocol for determining the path between a X.509 digital certificate and a trusted root (Delegated Path Discovery) and the validation of that path (Delegated Path Validation) according to a particular validation policy.
==Overview==

When a relying party receives a digital certificate and needs to decide whether to trust the certificate, it first needs to determine whether the certificate can be linked to a trusted certificate. This process may involve chaining the certificate back through several issuers, such as the following case:
Equifax Secure eBusiness CA-1
ACME Co Certificate Authority
Joe User
Currently, the creation of this chain of certificates is performed by the application receiving the signed message. The process is termed "path discovery" and the resulting chain is called a "certification path". Many Windows applications, such as Outlook, use Cryptographic Application Programming Interface (CAPI) for path discovery.
CAPI is capable of building certification paths using any certificates that are installed in Windows certificate stores or provided by the relying party application. The Equifax CA certificate, for example, comes installed in Windows as a trusted certificate. If CAPI knows about the ACME Co CA certificate or if it is included in a signed email and made available to CAPI by Outlook, CAPI can create the certification path above. However, if CAPI cannot find the ACME Co CA certificate, it has no way to verify that Joe User is trusted.
SCVP provides us with a standards-based client-server protocol for solving this problem using Delegated Path Discovery, or DPD. When using DPD, a relying party asks a server for a certification path that meets its needs. The SCVP client's request contains the certificate that it is attempting to trust and a set of trusted certificates. The SCVP server's response contains a set of certificates making up a valid path between the certificate in question and one of the trusted certificates. The response may also contain proof of revocation status, such as OCSP responses, for the certificates in the path.
Once a certification path has been constructed, it needs to be validated. An algorithm for validating certification paths is defined in RFC 5280 section 6 (signatures, expiration, name constraints, policy constraints, basic constraints, etc.). Again, this could be done locally by the client or by the SCVP server with Delegated Path Validation.
SCVP facilitates Federated PKIs, such as one with a Bridge Certificate Authority.

抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)
ウィキペディアで「SCVP」の詳細全文を読む



スポンサード リンク
翻訳と辞書 : 翻訳のためのインターネットリソース

Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.