The certificate lifecycle consists of many (but not necessarily all) of the following events:
Key Generation - The creation of the public/private key pair associated with the certificate.
Identity Submission - The credentials of the party requesting the certificate are submitted to the CA.
Registration - The request for a new certificate is registered by the CA.
Certification - Requesting party's identity is validated and a certificate is generated and digitally signed with the CA's digital signature.
Distribution - The certificate is published by the CA.
Usage - The requesting party uses the certificate for the authorized purpose.
Expiration - Unless renewed or revoked, the certificate expires based on the expiration date built into the certificate at generation time.
Revocation - At any time prior to expiration a certificate may be revoked (for example if it is being used for malicious purposes or the private key is compromised).
Renewal - At the request of the owner a certificate may be renewed by the CA. This process requires the generation of a new public/private key pair.
Suspension - The certificate is temporarily suspended, for example if a user goes on sabbatical and does not plan to use the certificate during this period of time.
Recovery - The process of recovering the key pair from a backup in the event of corruption (in order to qualify for recovery the keys must be considered to still be trusted and valid).
Destruction - When the key and certificate lifetimes expire and a suitable period of time has elapsed to avoid receiving information encrypted using the keys (a period known as the key history maintenance period), it is essential that all copies be destroyed from any locations where they might have been stored. For example, copies on workstations, laptops, servers, key servers and removable media must be deleted.
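
The following is an added example, not part of the original page: a small inventory audit that decides which lifecycle event currently governs each certificate (revocation, expiration, suspension, or destruction once the key history maintenance period has passed). The CertRecord fields, the state names and the 365-day maintenance period are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

# Assumed policy value: how long expired keys are kept (key history maintenance period).
KEY_HISTORY_MAINTENANCE = timedelta(days=365)

@dataclass
class CertRecord:                      # hypothetical inventory row, not a CA schema
    subject: str
    not_before: datetime
    not_after: datetime                # expiration date built in at generation time
    revoked_at: Optional[datetime] = None
    suspended: bool = False            # temporary hold; unlike revocation it can be lifted

def lifecycle_state(rec: CertRecord, now: datetime) -> str:
    """Return the lifecycle event that currently governs this certificate."""
    # Revocation is checked first: in this example it is permanent and wins over all else.
    if rec.revoked_at is not None and rec.revoked_at <= now:
        return "revoked"
    if now > rec.not_after:
        # Past the maintenance period, every stored copy of the key pair must be destroyed.
        if now > rec.not_after + KEY_HISTORY_MAINTENANCE:
            return "destroy"
        return "expired"
    if now < rec.not_before:
        return "not-yet-valid"
    return "suspended" if rec.suspended else "usable"

def audit(inventory, now):
    """Map each subject to its state so anything other than 'usable' stands out."""
    return {rec.subject: lifecycle_state(rec, now) for rec in inventory}

def _d(year, month, day):
    return datetime(year, month, day, tzinfo=timezone.utc)

# Constructed sample inventory (no real certificates).
NOW = _d(2024, 6, 1)
INVENTORY = [
    CertRecord("web01", _d(2024, 1, 1), _d(2025, 1, 1)),
    CertRecord("vpn-alice", _d(2024, 1, 1), _d(2025, 1, 1), suspended=True),
    CertRecord("mail01", _d(2023, 1, 1), _d(2024, 3, 1)),
    CertRecord("build-signer", _d(2023, 6, 1), _d(2024, 12, 1), revoked_at=_d(2024, 5, 20)),
    CertRecord("old-laptop", _d(2021, 1, 1), _d(2022, 1, 1)),
]

if __name__ == "__main__":
    for subject, state in audit(INVENTORY, NOW).items():
        print(f"{subject:14} {state}")
```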