Presentation is loading. Please wait.

Presentation is loading. Please wait.

CCSDS Security Working Group Fall 2015 Meeting Certificate Management 9 November – 13 November 2015 Darmstadt Germany Charles Sheehe NASA/Glenn.

Published byClementine Hoover Modified over 8 years ago

Similar presentations

Presentation on theme: "CCSDS Security Working Group Fall 2015 Meeting Certificate Management 9 November – 13 November 2015 Darmstadt Germany Charles Sheehe NASA/Glenn."— Presentation transcript:

1 CCSDS Security Working Group Fall 2015 Meeting Certificate Management 9 November – 13 November 2015 Darmstadt Germany Charles Sheehe NASA/Glenn

2 Certificate needs A Structure A provider A protocol

3 What do we need Structure CCountry STState LCity OOrganizational name OUOrganizational Unit name CNDomain name These data element should be formatted identically to the way W3C PKI structures the “Issuer” element: as a record reflecting the identity of the CA.

4 What do we need Structure continued, 1 Version Serial Number Algorithm ID Validity Not Before Not After Subject Key Info Key Algorithm Subject Key Issuer Unique Identifier Subject Unique Identifier Any extensions with defined meanings (optional)

5 What do we need Structure continued, 2 ROLEThe role of the subject in the SANA CA ecosystem. Can take values of CA National CA Agency CA Domain CA DEVICE Cert OPERATOR Cert SOFTWARE Cert INSTALLER Cert Each role will carry particular capabilities to engage in various kinds of communication. For instance, the INSTALLER role will be able to supply device installation metadata to SANA CA. The National CA role will be authorized to engage in National CA-CA and National CA-Agency CA communications. SANA_IDFor a role certificate, this field contains the certification SANA ID SERIAL_NUMFor a multiple end points within an SANA ID.

6 What do we need Provider and protocol Certificate management organization https://letsencrypt.org/ Protocol for certificats: Automatic Certificate Management Environment (ACME) draft-barnes-acme-04

7 Discussion

Download ppt "CCSDS Security Working Group Fall 2015 Meeting Certificate Management 9 November – 13 November 2015 Darmstadt Germany Charles Sheehe NASA/Glenn."

Similar presentations

Smart Certificates: Extending X.509 for Secure Attribute Service on the Web October 1999 Joon S. Park, Ph.D. Center for Computer High Assurance Systems.

Smart Certificates: Extending X.509 for Secure Attribute Service on the Web October 1999 Joon S. Park, Ph.D. Center for Computer High Assurance Systems.
1 APNIC Resource Certification Service Project Routing SIG 7 Sep 2005 APNIC20, Hanoi, Vietnam George Michaelson.

1 APNIC Resource Certification Service Project Routing SIG 7 Sep 2005 APNIC20, Hanoi, Vietnam George Michaelson.
Introduction of Grid Security

Introduction of Grid Security
Router Identification Problem Statement J.W. Atwood 2008/03/11

Router Identification Problem Statement J.W. Atwood 2008/03/11
Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CS5204 – Operating Systems 1 Authentication. CS 5204 – Operating Systems2 Authentication Digital signature validation proves:  message was not altered.

CS5204 – Operating Systems 1 Authentication. CS 5204 – Operating Systems2 Authentication Digital signature validation proves:  message was not altered.
CP3397 ECommerce.

CP3397 ECommerce.
Csci5233 Computer Security1 Bishop: Chapter 10 (Cont.) Key Management: Certificates.

Csci5233 Computer Security1 Bishop: Chapter 10 (Cont.) Key Management: Certificates.
Resource Certificate Profile Geoff Huston, George Michaelson, Rob Loomans APNIC IETF 67.

Resource Certificate Profile Geoff Huston, George Michaelson, Rob Loomans APNIC IETF 67.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Donkey Project Introduction and ideas around February 21, 2003 Yuri Demchenko.

Donkey Project Introduction and ideas around February 21, 2003 Yuri Demchenko.
Fed/Ed PKI 2008, June Subject Unique Identifier or Equivalent William A. Weems & Mark B. Jones Academic Technology U. Texas Health Science Center at Houston.

Fed/Ed PKI 2008, June Subject Unique Identifier or Equivalent William A. Weems & Mark B. Jones Academic Technology U. Texas Health Science Center at Houston.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.

Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.
 A public-key infrastructure ( PKI ) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store,

 A public-key infrastructure ( PKI ) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store,
Public Key Management and X.509 Certificates

Public Key Management and X.509 Certificates
Haidong Xue.  Part One: Review of the Knowledge in Textbook goals, issues, solutions  Part Two: Current Application X509.V3  Part Three: Future Work.

Haidong Xue.  Part One: Review of the Knowledge in Textbook goals, issues, solutions  Part Two: Current Application X509.V3  Part Three: Future Work.

Similar presentations

Ads by Google