diff options
Diffstat (limited to 'doc/glossary.texi')
-rw-r--r-- | doc/glossary.texi | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/doc/glossary.texi b/doc/glossary.texi new file mode 100644 index 0000000..8c786a7 --- /dev/null +++ b/doc/glossary.texi @@ -0,0 +1,72 @@ +@c Copyright (C) 2004 Free Software Foundation, Inc. +@c This is part of the GnuPG manual. +@c For copying conditions, see the file gnupg.texi. + +@node Glossary +@unnumbered Glossary + + +@table @samp +@item ARL + The @emph{Authority Revocation List} is technical identical to a +@acronym{CRL} but used for @acronym{CA}s and not for end user +certificates. + +@item Chain model + Verification model for X.509 which uses the creation date of a +signature as the date the validation starts and in turn checks that each +certificate has been issued within the time frame, the issuing +certificate was valid. This allows the verification of signatures after +the CA's certificate expired. The validation test also required an +online check of the certificate status. The chain model is required by +the German signature law. See also @emph{Shell model}. + +@item CMS + The @emph{Cryptographic Message Standard} describes a message +format for encryption and digital signing. It is closely related to the +X.509 certificate format. @acronym{CMS} was formerly known under the +name @code{PKCS#7} and is described by @code{RFC3369}. + +@item CRL + The @emph{Certificate Revocation List} is a list containing +certificates revoked by the issuer. + +@item CSR + The @emph{Certificate Signing Request} is a message send to a CA to +ask them to issue a new certificate. The data format of such a signing +request is called PCKS#10. + +@item OpenPGP + A data format used to build a PKI and to exchange encrypted or +signed messages. In contrast to X.509, OpenPGP also includes the +message format but does not explicitly demand a specific PKI. However +any kind of PKI may be build upon the OpenPGP protocol. + +@item Keygrip + This term is used by GnuPG to describe a 20 byte hash value used +to identify a certain key without referencing to a concrete protocol. +It is used internally to access a private key. Usually it is shown and +entered as a 40 character hexadecimal formatted string. + +@item OCSP + The @emph{Online Certificate Status Protocol} is used as an +alternative to a @acronym{CRL}. It is described in @code{RFC 2560}. + +@item PSE + The @emph{Personal Security Environment} describes a database to +store private keys. This is either a smartcard or a collection of files +on a disk; the latter is often called a Soft-PSE. + + +@item Shell model +The standard model for validation of certificates under X.509. At the +time of the verification all certificates must be valid and not expired. +See also @emph{Chain model}. + + +@item X.509 +Description of a PKI used with CMS. It is for example +defined by @code{RFC3280}. + + +@end table |