PKI Components

The below mentioned PKI components are required for Validation Suite:

• Certificate/CRL Publishing Service

  This component is a service that provides connections to import and export certificates and certificate revocation lists (CRLs). For example, an LDAP directory serves as the data retrieval interface between the CA and Validation Authority. The CA posts both certificates and Certificate Revocation Lists (CRLs) to the LDAP directory from which Validation Authority retrieves them.

• Certificate Authority (CA)

  This component signs and publishes certificates and CRLs based on information provided by an issuer or Registration Authority.

• Registration Authority (RA)

  This component receives and validates user requests for certificates, constructs certificate requests and then forwards the requests to a CA for signing, and sends revocation requests to the CA for inclusion in CRLs.

• Subscribers

  These are certificate holders who request services or access.

• Relying Party Applications

  These are client applications that request validation of certificates that are contained in digitally-signed documents, email messages, or web pages.