Internet X.509 Public Key Infrastructure is a set of certificates within Internet applications for those communities wishing to make use of X.509 technology. Such applications may include WWW, electronic mail, user authentication, and IPsec.
The users of certificates will operate in a wide range of environments with respect to their communication topology, which supports users without high bandwidth, real-time IP connectivity, or high connection availability and allows for the presence of firewall or other filtered communication.
The goal of the Internet Public Key Infrastructure (PKI) is to meet the needs of deterministic, automated identification, authentication, access control, and authorization functions.
In PKI, the associated private key is owned by the correct remote subject (person or system) with which an encryption or digital signature mechanism will be used. This is obtained through the use of public key certificates, which are data structures that bind public key values to subjects. The binding is asserted by having a trusted CA digitally sign each certificate. The CA may base this assertion upon technical means, presentation of the private key, or on an assertion by the subject. A certificate has a limited valid lifetime which is indicated in its signed contents. Because a certificate’s signature and timeliness can be independently checked by a certificate-using client, certificates can be distributed via untrusted communications and server systems, and can be cached in unsecured storage in certificate-using systems.
A user of a security service requiring knowledge of a public key generally needs to obtain and validate a certificate containing the required public key. If the public-key user does not already hold an assured copy of the public key of the CA, a chain of multiple certificates called certification paths may be needed.
X.509 defines one method of certificate revocation. This method involves each CA periodically issuing a signed data structure called a certificate revocation list (CRL). Each revoked certificate is identified in a CRL by its certificate serial number. When a certificate-using system uses a certificate, that system not only checks the certificate signature and validity but also acquires a suitably recent CRL and checks that the certificate serial number is not on that CRL. An advantage of this revocation method is that CRLs may be distributed via untrusted communications and server systems.
To foster the creation of an interoperable and reusable Internet PKI, this profile establishes a common baseline for generic applications requiring broad interoperability and defines the Certificate Fields, Certificate Extensions, CRL Fields, CRL Extensions.
Certification path processing verifies the binding between the subject distinguished name and/or subject alternative name and subject public key. The binding is limited by constraints which are specified in the certificates which comprise the path. The basic constraints and policy constraints extensions allow the certification path processing logic to automate the decision making process.
The cryptographic algorithms which may be used in X.509 PKI are one-way hash functions and digital signature algorithms which may be used to sign certificates and CRLs, and identifies OIDs for public keys contained in a certificate.