Difference between revisions of "X.509 Certificate"

Revision as of 09:23, 28 July 2018

A structure defined by the CCITT (now ITU) that binds a Subject name to a public key and a set of Attributes.

Up until the 1970's the Postal and Telecommunications Agencies of the world governments just knew that they were responsible for assigning names and numbers to everything on the planet.
At that time only a few of the world governments, like the US, had placed the responsibilities for such naming and numbering in private hands.
Still in the US AT&T acted with the impunity of a government agency, until they were challenged in court by companies like MCI.
With all of the arrogance of a government body, the ITU's Committee on Communications and International Telephone and Telegraph (CCITT), decided to specifiy the structure of email and the corresponding security.

The result was an exceeding ugly encoding of everything they touched, most of which has faded into history, except the X.509 certificate structure.
The security at the time was based on the paradigm at the time - the credit card industry and the card revocation lists, which were updated every few weeks and needed to be checked by every merchant for every transaction.

At least now the certificates can be check online and no longer required certificate revocation lists, although the specification still exists.
The content of a Web Site certification is reasonably well defined^[1]

↑ DigiCert. What extensions and details are included in a SSL certificate? https://knowledge.digicert.com/solution/SO18140.html

@@ Line 13: / Line 13: @@
 ==Solutions==
+*At least now the certificates can be check online and no longer required certificate revocation lists, although the specification still exists.
 *The content of a [[Web Site]] certification is reasonably well defined<ref>DigiCert. ''What extensions and details are included in a SSL certificate?'' https://knowledge.digicert.com/solution/SO18140.html</ref>
 ==References==