www/apache
www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-06-06 09:01:00 +03:00
Code
apache/docs/manual/ssl/ssl_glossary.html
Rich Bowen d78c998c6a Patch submitted by David Shane Holden to make docs valid xhtml. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96194 13f79535-47bb-0310-9956-ffa450edef68
2002-07-25 21:46:42 +00:00

269 lines
7.3 KiB
HTML
Raw Blame History

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Apache SSL/TLS Encryption: Glossary</title>
<style type="text/css"><!--
#H {
}
#D {
background-color: #f0f0f0;
}
--></style>
</head>
<body bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#000080" alink="#FF0000">
<!--#include virtual="header.html" -->
<h1 align="center">SSL/TLS Strong Encryption: Glossary</h1>
<div align="right">
<table cellspacing="0" cellpadding="0" width="300" summary="">
<tr>
<td>
<em>
``I know you believe you understand what you think I said, but I am not sure you
realize that what you heard is not what I meant.''
</em>
</td>
</tr>
<tr>
<td align="right">
<font size="-1">
Richard Nixon
</font>
</td>
</tr>
</table>
</div>
<dl>
<dt>Authentication</dt>
<dd>The positive identification of a network entity such as a server, a
client, or a user. In SSL context the server and client
<em>Certificate</em> verification process.
</dd>
</dl>
<dl>
<dt>Access Control</dt>
<dd>The restriction of access to network realms. In Apache context
usually the restriction of access to certain <em>URLs</em>.
</dd>
</dl>
<dl>
<dt>Algorithm</dt>
<dd>An unambiguous formula or set of rules for solving a problem in a finite
number of steps. Algorithms for encryption are usually called <em>Ciphers</em>.
</dd>
</dl>
<dl>
<dt>Certificate</dt>
<dd>A data record used for authenticating network entities such
as a server or a client. A certificate contains X.509 information pieces
about its owner (called the subject) and the signing <em>Certificate
Authority</em> (called the issuer), plus the owner's public key and the
signature made by the CA. Network entities verify these signatures using
CA certificates.
</dd>
</dl>
<dl>
<dt>Certification Authority (CA)</dt>
<dd>A trusted third party whose purpose is to sign certificates for network
entities it has authenticated using secure means. Other network entities
can check the signature to verify that a CA has authenticated the bearer
of a certificate.
</dd>
</dl>
<dl>
<dt>Certificate Signing Request (CSR)</dt>
<dd>An unsigned certificate for submission to a <em>Certification Authority</em>,
which signs it with the <em>Private Key</em> of their CA <em>Certificate</em>. Once
the CSR is signed, it becomes a real certificate.
</dd>
</dl>
<dl>
<dt>Cipher</dt>
<dd>An algorithm or system for data encryption. Examples are DES, IDEA, RC4, etc.
</dd>
</dl>
<dl>
<dt>Ciphertext</dt>
<dd>The result after a <em>Plaintext</em> passed a <em>Cipher</em>.
</dd>
</dl>
<dl>
<dt>Configuration Directive</dt>
<dd>A configuration command that controls one or more aspects of a program's
behavior. In Apache context these are all the command names in the first
column of the configuration files.
</dd>
</dl>
<dl>
<dt>CONNECT</dt>
<dd>A HTTP command for proxying raw data channels over HTTP. It can be used to
encapsulate other protocols, such as the SSL protocol.
</dd>
</dl>
<dl>
<dt>Digital Signature</dt>
<dd>An encrypted text block that validates a certificate or other file. A
<em>Certification Authority</em> creates a signature by generating a
hash of the <em>Public Key</em> embedded in a <em>Certificate</em>, then
encrypting the hash with its own <em>Private Key</em>. Only the CA's
public key can decrypt the signature, verifying that the CA has
authenticated the network entity that owns the <em>Certificate</em>.
</dd>
</dl>
<dl>
<dt>Export-Crippled</dt>
<dd>Diminished in cryptographic strength (and security) in order to comply
with the United States' Export Administration Regulations (EAR).
Export-crippled cryptographic software is limited to a small key size,
resulting in <em>Ciphertext</em> which usually can be decrypted by brute
force.
</dd>
</dl>
<dl>
<dt>Fully-Qualified Domain-Name (FQDN)</dt>
<dd>The unique name of a network entity, consisting of a hostname and a domain
name that can resolve to an IP address. For example, <code>www</code> is a
hostname, <code>whatever.com</code> is a domain name, and
<code>www.whatever.com</code> is a fully-qualified domain name.
</dd>
</dl>
<dl>
<dt>HyperText Transfer Protocol (HTTP)</dt>
<dd>The HyperText Transport Protocol is the standard transmission protocol used
on the World Wide Web.
</dd>
</dl>
<dl>
<dt>HTTPS</dt>
<dd>The HyperText Transport Protocol (Secure), the standard encrypted
communication mechanism on the World Wide Web. This is actually just HTTP
over SSL.
</dd>
</dl>
<dl>
<dt>Message Digest</dt>
<dd>A hash of a message, which can be used to verify that the contents of
the message have not been altered in transit.
</dd>
</dl>
<dl>
<dt>OpenSSL</dt>
<dd>The Open Source toolkit for SSL/TLS;
see <a href="http://www.openssl.org/">http://www.openssl.org/</a>
</dd>
</dl>
<dl>
<dt>Pass Phrase</dt>
<dd>The word or phrase that protects private key files.
It prevents unauthorized users from encrypting them. Usually it's just
the secret encryption/decryption key used for <em>Ciphers</em>.
</dd>
</dl>
<dl>
<dt>Plaintext</dt>
<dd>The unencrypted text.
</dd>
</dl>
<dl>
<dt>Private Key</dt>
<dd>The secret key in a <em>Public Key Cryptography</em> system, used to
decrypt incoming messages and sign outgoing ones.
</dd>
</dl>
<dl>
<dt>Public Key</dt>
<dd>The publically available key in a <em>Public Key Cryptography</em> system, used to
encrypt messages bound for its owner and to decrypt signatures made by its
owner.
</dd>
</dl>
<dl>
<dt>Public Key Cryptography</dt>
<dd>The study and application of asymmetric encryption systems, which use one
key for encryption and another for decryption. A corresponding pair of
such keys constitutes a key pair. Also called Asymmetric Crypography.
</dd>
</dl>
<dl>
<dt>Secure Sockets Layer (SSL)</dt>
<dd>A protocol created by Netscape Communications Corporation for
general communication authentication and encryption over TCP/IP networks.
The most popular usage is <em>HTTPS</em>, i.e. the HyperText Transfer
Protocol (HTTP) over SSL.
</dd>
</dl>
<dl>
<dt>Session</dt>
<dd>The context information of an SSL communication.
</dd>
</dl>
<dl>
<dt>SSLeay</dt>
<dd>The original SSL/TLS implementation library developed by
Eric A. Young &lt;eay@aus.rsa.com&gt;;
see <a href="http://www.ssleay.org/">http://www.ssleay.org/</a>
</dd>
</dl>
<dl>
<dt>Symmetric Cryptography</dt>
<dd>The study and application of <em>Ciphers</em> that use a single secret key
for both encryption and decryption operations.
</dd>
</dl>
<dl>
<dt>Transport Layer Security (TLS)</dt>
<dd>The successor protocol to SSL, created by the Internet Engineering Task
Force (IETF) for general communication authentication and encryption over
TCP/IP networks. TLS version 1 and is nearly identical with SSL version 3.
</dd>
</dl>
<dl>
<dt>Uniform Resource Locator (URL)</dt>
<dd>The formal identifier to locate various resources on the World Wide Web.
The most popular URL scheme is <code>http</code>. SSL uses the
scheme <code>https</code>
</dd>
</dl>
<dl>
<dt>X.509</dt>
<dd>An authentication certificate scheme recommended by the International
Telecommunication Union (ITU-T) which is used for SSL/TLS authentication.
</dd>
</dl>
<!--#include virtual="footer.html" -->
</body>
</html>
View Git Blame Copy Permalink