summaryrefslogtreecommitdiffstats
path: root/doc/glossary.texi
diff options
context:
space:
mode:
Diffstat (limited to 'doc/glossary.texi')
-rw-r--r--doc/glossary.texi72
1 files changed, 72 insertions, 0 deletions
diff --git a/doc/glossary.texi b/doc/glossary.texi
new file mode 100644
index 0000000..8c786a7
--- /dev/null
+++ b/doc/glossary.texi
@@ -0,0 +1,72 @@
+@c Copyright (C) 2004 Free Software Foundation, Inc.
+@c This is part of the GnuPG manual.
+@c For copying conditions, see the file gnupg.texi.
+
+@node Glossary
+@unnumbered Glossary
+
+
+@table @samp
+@item ARL
+ The @emph{Authority Revocation List} is technical identical to a
+@acronym{CRL} but used for @acronym{CA}s and not for end user
+certificates.
+
+@item Chain model
+ Verification model for X.509 which uses the creation date of a
+signature as the date the validation starts and in turn checks that each
+certificate has been issued within the time frame, the issuing
+certificate was valid. This allows the verification of signatures after
+the CA's certificate expired. The validation test also required an
+online check of the certificate status. The chain model is required by
+the German signature law. See also @emph{Shell model}.
+
+@item CMS
+ The @emph{Cryptographic Message Standard} describes a message
+format for encryption and digital signing. It is closely related to the
+X.509 certificate format. @acronym{CMS} was formerly known under the
+name @code{PKCS#7} and is described by @code{RFC3369}.
+
+@item CRL
+ The @emph{Certificate Revocation List} is a list containing
+certificates revoked by the issuer.
+
+@item CSR
+ The @emph{Certificate Signing Request} is a message send to a CA to
+ask them to issue a new certificate. The data format of such a signing
+request is called PCKS#10.
+
+@item OpenPGP
+ A data format used to build a PKI and to exchange encrypted or
+signed messages. In contrast to X.509, OpenPGP also includes the
+message format but does not explicitly demand a specific PKI. However
+any kind of PKI may be build upon the OpenPGP protocol.
+
+@item Keygrip
+ This term is used by GnuPG to describe a 20 byte hash value used
+to identify a certain key without referencing to a concrete protocol.
+It is used internally to access a private key. Usually it is shown and
+entered as a 40 character hexadecimal formatted string.
+
+@item OCSP
+ The @emph{Online Certificate Status Protocol} is used as an
+alternative to a @acronym{CRL}. It is described in @code{RFC 2560}.
+
+@item PSE
+ The @emph{Personal Security Environment} describes a database to
+store private keys. This is either a smartcard or a collection of files
+on a disk; the latter is often called a Soft-PSE.
+
+
+@item Shell model
+The standard model for validation of certificates under X.509. At the
+time of the verification all certificates must be valid and not expired.
+See also @emph{Chain model}.
+
+
+@item X.509
+Description of a PKI used with CMS. It is for example
+defined by @code{RFC3280}.
+
+
+@end table