| A | B |
| public key encryption | uses asymmetric cryptography |
| third party trust | both client and server trust a third party entity |
| X.509 | standard for public key encryption |
| Diffie-Hellman | asymmetric key exchange solution |
| hashing algorithm | verify the integrity of stored data files |
| renewal | creates a new time period for certificate when it is about to expire |
| revoke | makes certificate invalid |
| enrollment | new certificate issued |
| version update | installs new version of certificate |
| EFS Encrypting File System | only on NTFS, need certificate |
| suspend | temporarily make certificate invalid |
| digital signing | verifies the source of software |
| Certification Authority | guarantees identity, issues certificate |
| certificate | digital representation of identity. |
| root certificate | self-signed certificate issued by CA to itself and used to sign all others it issues |
| commercial CA | third party that issues certificates of identity to others |
| CA policy | defines who can be issued certificates and when they can be revoked |
| CRL | list of certificates revoked |
| M of N Control | requires two or more agents to work together to recover key |
| mesh of trust | fault-tolerant PKI solution |