certificate/CRL | Corresponding section of RFC5280 |
---|---|
C.1 RSA Self-Signed Certificate Section C.1 contains an annotated hex dump of a "self-signed" certificate issued by a CA whose distinguished name is cn=Example CA,dc=example,dc=com. The certificate contains an RSA public key, and is signed by the corresponding RSA private key. |
|
C.2 End Entity Certificate Using RSA Section C.2 contains an annotated hex dump of an end entity certificate. The end entity certificate contains an RSA public key, and is signed by the private key corresponding to the "self-signed" certificate in section C.1. |
|
C.3 End Entity Certificate Using DSA Section C.3 contains an annotated hex dump of an end entity certificate that contains a DSA public key with parameters, and is signed with DSA and SHA-1. This certificate is not part of the minimal certification path. |
|
C.4 Certificate Revocation List Section C.4 contains an annotated hex dump of a CRL. The CRL is issued by the CA whose distinguished name is cn=Example CA,dc=example,dc=com and the list of revoked certificates includes the end entity certificate presented in C.2. |
certificate/CRL | Corresponding section of RFC 3280 |
---|---|
C.1 Certificate Section C.1 contains an annotated hex dump of a "self-signed" certificate issued by a CA whose distinguished name is cn=us,o=gov,ou=nist. The certificate contains a DSA public key with parameters, and is signed by the corresponding DSA private key. |
|
C.2 Certificate Section C.2 contains an annotated hex dump of an end entity certificate. The end entity certificate contains a DSA public key, and is signed by the private key corresponding to the "self-signed" certificate in section C.1. |
|
C.3 End Entity Certificate Using RSA Section C.3 contains a dump of an end entity certificate which contains an RSA public key and is signed with RSA and MD5. This certificate is not part of the minimal certification path. |
Security and Privacy: public key infrastructure, testing & validation