Summary

  

To understand PKI, only two things need to be studied in detail: the X.509 format and how digital certificates are managed in a certificate chain. From those two things you get a lot of information about other protocols such as X.500, LDAP, and asymmetric keying. The purpose of PKI is to transport a secure public key from the sender of a secure message to the receiver of that message so that the receiver may decrypt it. PKI is a means to make the public key secure.

Java has a lot of packages for both formatting the X.509 digital certificate and checking the certificate path. The LDAP SDK also offers a rich API for working with an LDAP server. The LDAP server is important because the X.509 certificate format and certificate path are tightly coupled with the X.500 Directory Service schema for manipulating certificates.

The study of PKI is very extensive, and a lot of work could be required from an organization to support PKI. My suggestion is to take the easiest route. Use LDAP if you can, so that a lot of RDBMS work is not required. Know the services offered by your CA, Web services, and Application services so that you may take advantage of them. I have worked with many companies and types of developers, and many do think that it is cool to write their own LDAP server; however, there is a difference between having to write an LDAP server the night before production and writing one on your own time. Use as much out-of-the-box functionality as possible. Many organizations use PKI, so there are very few things to be discovered in this area for most organizations unless you happen to be an RA or a CA.

  


Java Security Solutions
ISBN: 0764549286
EAN: 2147483647
Year: 2001
Pages: 222