What is the basic difference between X.509 and PGP in terms of key hierarchies a

Question

What is the basic difference between X.509 and PGP in terms of key hierarchies and key trust?

Explanation / Answer

An X509 Certificate is a type of public key in a public/private key pair. These key pairs can be used for different things, like encryption via SSL, or for identification. SSL Certificates are a type of X509 certificate. SSL works by encrypting traffic as well as verifying the party (Verisign trusts this website to be who they say they are, therefore you probably could too). Verisign acts as a Certificate Authority (CA). The CA is trusted in that everything that it says should be taken as truth (Running a CA requires major security considerations). Therefore if a CA gives you a certificate saying that it trusts that you are really you, you have a user certificate/client certificate. Some of these types of certificates can be used across the board, but others can only be used for certain activities. If you open a certificate in Windows (browse to something over SSL in IE and look at the certificate properties) or run certmgr.msc and view a certificate, look at the Details tab > Key Usage. That will dictate what the certificate is allowed to do/be used for. For SOAP, the certificate can be used for two things: identification and encryption. Well, three if you include message signatures (message hashing). Client certificates identify the calling client or user. When the application makes a SOAP request, it hands the certificate to the web service to tell it who is making the request

Related Questions

Navigate

• Browse (All)
• Browse W
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.