Certificate Request Message Format (CRMF). A message format to send a certificate request to a CA. A standard from the Internet Engineering Task Force (IETF) PKIX working group.

Certificate Management Message Formats (CMMF). Message formats to send certificate requests and revocation requests from end entities to a CA and to return information to end entities. A proposed standard from the IETF PKIX working group. CMMF has been subsumed by another standard, CMC.

Certificate Management Messages over CS (CMC). A general interface to public-key certification products based on CS and PKCS #10, including a certificate enrollment protocol for DSA-signed certificates with Diffie-Hellman public-keys. A standard from the IETF PKIX working group. CMC incorporates CRMF and CMMF.

Cryptographic Message Syntax (CS). A superset of PKCS #7 syntax used for digital signatures and encryption. A proposed standard from the IETF PKIX working group.

PKIX Certificate and CRL Profile (PKIX Part 1). The first part of the four-part standard under development by the IETF for a public-key infrastructure for the Internet. Part 1 specified standards for certificates and CRLs. Certificate System will support the other PKIX parts as they are finalized. For more information about PKIX Part 1, see ftp://ftp.isi.edu/in-notes/rfc2459.txt.

FIPS PUBS 140-1. Federal Information Standards Publications (FIPS PUBS) 140-1 is a US government standard for implementing cryptographic modules such as hardware or software that encrypts and decrypts data, creates and verifies digital signatures, and other cryptographics functions.

Hypertext Transport Protocol (HTTP) and Hypertext Transport Protocol Secure (HTTPS). Protocols used to communicate with web servers.

KEYGEN tag. An HTML tag that generates a key pair for use with a certificate.

Lightweight Directory Access Protocol (LDAP) v2, v3. A directory service protocol designed to run over TCP/IP and across multiple platforms. LDAP is a simplified version of Directory Access Protocol (DAP), used to access X.500 directories. LDAP is under IETF change control and has evolved to meet Internet requirements.

Public-Key Cryptography Standard (PKCS) #7. An encrypted data and message format developed by RSA Data Security to represent digital signatures, certificate chains, and encrypted data. This format is used to deliver certificates to end entities.

Public-Key Cryptography Standard (PKCS) #10. A message format developed by RSA Data Security for certificate requests. This format is supported by many server products.

Public-Key Cryptography Standard (PKCS) #11. Specifies an API used to communicate with devices such as hardware tokens that hold cryptographic information and perform cryptographic operations.

X.509 v1, v3. Digital certificate formats recommended by the International Telecommunications Union (ITU).

Secure Sockets Layer (SSL) 2.0, 3.0. A set of rules governing server authentication, client authentication, and encrypted communication between servers and clients.

Security-Enhanced Linux. Security-enhanced Linux, or SELinux, is a set of security protocols enforcing mandatory access control on Linux system kernels. This was developed by the United States National Security Agency to keep applications from accessing confidential or protected files through lenient or flawed access controls.

Elliptic Curve Cryptography (ECC). ECC is a cryptosystem that uses elliptic curves to create keys for encrypting data. ECC creates cryptographically-stronger keys with shorter key lengths than RSA, which makes it faster and more efficient to implement.