x509 certificate

4 results back to index

pages: 90 words: 17,297

Deploying OpenStack by Ken Pepple

Amazon Web Services, cloud computing, database schema, Infrastructure as a Service, Kickstarter, Ruby on Rails, web application, x509 certificate

Nova Database Schema Table NameDescription migrate_version Stores current version of the database schema as well as other migration-related info. Only used internally and by developers during upgrades. migrations Used for running host-to-host migration. auth_tokens Maps Authorization tokens (for all API transactions) to actual users (via the user id field). certificates Mappings for user, projects, and x509 certificates files networks Information pertaining to networks defined in Nova. Includes IP addressing, VLAN, and VPN information. compute_nodes Capabilities (vcpus, memory, etc.) and state (vcpus used, memory used, etc.) of each compute node. projects Information about projects, including project manager. console_pools Pool of consoles on the same physical node. quotas Quota overrides for particular projects.

Mastering Blockchain, Second Edition by Imran Bashir

3D printing, altcoin, augmented reality, autonomous vehicles, bitcoin, blockchain, business process, carbon footprint, centralized clearinghouse, cloud computing, connected car, cryptocurrency, data acquisition, Debian, disintermediation, disruptive innovation, distributed ledger, domain-specific language, en.wikipedia.org, Ethereum, ethereum blockchain, fault tolerance, fiat currency, Firefox, full stack developer, general-purpose programming language, gravity well, interest rate swap, Internet of things, litecoin, loose coupling, MITM: man-in-the-middle, MVC pattern, Network effects, new economy, node package manager, Oculus Rift, peer-to-peer, platform as a service, prediction markets, QR code, RAND corporation, Real Time Gross Settlement, reversible computing, RFC: Request For Comment, RFID, ride hailing / ride sharing, Satoshi Nakamoto, single page application, smart cities, smart contracts, smart grid, smart meter, supply-chain management, transaction costs, Turing complete, Turing machine, web application, x509 certificate

. ----- Country Name (2 letter code) [AU]:GB State or Province Name (full name) [Some-State]:Cambridge Locality Name (eg, city) []:Cambridge Organization Name (eg, company) [Internet Widgits Pty Ltd]:Dr.Equinox! Organizational Unit Name (eg, section) []:NA Common Name (e.g. server FQDN or YOUR name) []:drequinox Email Address []:drequinox@drequinox.com The certificate can be explored using the following command: $ openssl x509 -in ecccertificate.pem -text -noout The following output shows the certificate: X509 certificate that uses ECDSA algorithm with SHA-256 There following topics in cryptography are presented because of their relevance to blockchain, or their potential use in future blockchain ecosystems. Homomorphic encryption Usually, public key cryptosystems, such as RSA, are multiplicative homomorphic or additive homomorphic, such as the Paillier cryptosystem, and are called Partially Homomorphic Encryption (PHE) systems.

Engineering Security by Peter Gutmann

active measures, algorithmic trading, Amazon Web Services, Asperger Syndrome, bank run, barriers to entry, bitcoin, Brian Krebs, business process, call centre, card file, cloud computing, cognitive bias, cognitive dissonance, combinatorial explosion, Credit Default Swap, crowdsourcing, cryptocurrency, Daniel Kahneman / Amos Tversky, Debian, domain-specific language, Donald Davies, Donald Knuth, double helix, en.wikipedia.org, endowment effect, fault tolerance, Firefox, fundamental attribution error, George Akerlof, glass ceiling, GnuPG, Google Chrome, iterative process, Jacob Appelbaum, Jane Jacobs, Jeff Bezos, John Conway, John Markoff, John von Neumann, Kickstarter, lake wobegon effect, Laplace demon, linear programming, litecoin, load shedding, MITM: man-in-the-middle, Network effects, Parkinson's law, pattern recognition, peer-to-peer, Pierre-Simon Laplace, place-making, post-materialism, QR code, race to the bottom, random walk, recommendation engine, RFID, risk tolerance, Robert Metcalfe, Ruby on Rails, Sapir-Whorf hypothesis, Satoshi Nakamoto, security theater, semantic web, Skype, slashdot, smart meter, social intelligence, speech recognition, statistical model, Steve Jobs, Steven Pinker, Stuxnet, telemarketer, text mining, the built environment, The Death and Life of Great American Cities, The Market for Lemons, the payments system, Therac-25, too big to fail, Turing complete, Turing machine, Turing test, web application, web of trust, x509 certificate, Y2K, zero day, Zimmermann PGP

SPK 663 Name Authorisation Name I Authorisation Figure 179: X.509 (top) and SPKI (bottom) certificate functionality In abstract terms an X.509 certificate can be thought of as a signed n-tuple that asserts a predicate p( x1, x2, x3, … xn ) over the fields that it contains. Unfortunately there’s no way to indicate exactly what that predicate is. Some examples of required predicates might include has_read_access_to or can_withdraw_money_from, while the only real predicate that an X.509 certificate can offer is the tautological is_an_X509_certificate [38]. An alternative technology to X.509 called Simple Public Key Infrastructure (SPKI), whose operation is shown in Figure 179, asserts a user-defined predicate specified by the issuer of the certificate, so that the relying party can make meaningful authorisation decisions based on the contents of the certificate [90][91]. These predicates may be arbitrarily complex, going beyond the basic can_withdraw_money_from example given above to more specialised forms such as can_withdraw_money_from_account_X_up_to_$Y_per_day, a predicate useful for handling ATM withdrawals.

“Creating Security Applications Based on The Global Certificate Management System”, Nada Kapidzic, Computers and Security, Vol.17, No.6 (September 1998), p.507. “Internet Security enters the Middle Ages”, Rolf Oppliger, IEEE Computer, Vol.28, No.10 (October 1995), p.100. “Compliance Defects in Public-Key Cryptography”, Don Davis, Proceedings of the 6th Usenix Security Symposium (Security’96), July 1996, p.171. “WiMAX Certificate Authority Users Overview”, WiMAX Forum, undated but apparently mid-2008, http://members.wimaxforum.org/certification/x509_certificates/pdfs/wimax_ca_users_overview.pdf. [33] [34] [35] [36] [37] [38] [39] [40] [41] [42] [43] [44] [45] [46] “Is PGP X.509's secret weapon?”, Peter Gutmann, posting to the cryptography@metzdowd.com mailing list, message-ID E1LsDw2-0000ezUF@wintermute01.cs.auckland.ac.nz 10 April 2009. “A Distributed Certificate Management System (DCMS) Supporting Groupbased Access Controls”, Rolf Oppliger, Andreas Greulich and Peter Trachsel, Proceedings of the 15th Annual Computer Security Applications Conference (ACSAC’99), December 1999, p.241.

pages: 632 words: 223,899

Exim: The Mail Transfer Agent by Philip Hazel

Debian, RFC: Request For Comment, x509 certificate

* See http://www.openssl.org/. 9 October 2001 09:11 Encrypted SMTP Connections 369 To support TLS on a server, you must set tls_advertise_hosts to match some hosts, and you must also specify files that contain a certificate and a private key. For example: tls_advertise_hosts = * tls_certificate = /etc/secure/exim/cert tls_privatekey = /etc/secure/exim/privkey The first file contains the server’s X509 certificate, and the second contains the private key that goes with it. These files need to be readable by the Exim user. They can be the same file if both the certificate and the key are contained within it. With just these two options set, Exim will work as a server with clients such as Netscape. It does not require the client to have a certificate (but see the next section for how to insist on this).