| |
| |
ApacheCon US 2002: Las Vegas, November 20, 2002.
Hello World (Slide Two)
- Introduction
- The Basics:
- Review of Digital Certificates
- A Private Certificate Authority in Action
- The Nit anf Gritty
- Creating a Private Certificate Authority
- Publishing the Private Certificate Authority
- Using Our Private Certificate Authority
Notice (Slide Three)
"Persons attempting to find a motive in this narrative will be prosecuted;persons attempting to find a moral will be banished; persons attempting to find a plot will be shot."
- Preface for The Adventures of Huck Finn By Mark Twain
The Basics (Slide Four)
Digital Certificates and Certificate Authorities
Digital Certificates (Slide Five)
- SSL Protocol
- Encryption
- Authentication
- Digital Certificates
- A Serial Number
- Identifying Information
- Individual and/or Group Name
- Location/Contact Information
- Subject's Public Key
- Name of Issuing Certificate Authority
- A "Signature" Of Issuing Certificate Authority
- Type Of Digital Certificates
- Root Certificate
- Server Certificate
- CLient Certificate
Certificate Authorities (Slide Six)
- Public Certificate Authority; Verisign, Thawte, GeoTrust; recognized by default by most web browsers and web servers; used when no other relation exists between two parties.
- Private Certificate Authority; by default not recognized; used when a relationship already exists between two parties.
A PCA in Action (Slide Seven)
- Secure valuable data in transit between employees/departments
A PCA in Action (Slide Eight)
- Secure valuable data in transit between business/departents
The Nit and Gritty (Slide Nine)
Creating, Publishing and Using a Private Certificate Authority
Creating a Private Certificate Authority (Slide Ten)
- A self-signed Root Certificate
Creating a Private Certificate Authority (Slide Eleven)
Creating a Private Certificate Authority (Slide Twelve)
Publishing the Private Certificate Authority (Slide Thirteen)
- Setting MIME-type in Apache:
Using Our Private Certificate Authority: Server Certificate (Slide Fourteen)
- Creating a Certificate Signing Request:
Using Our Private Certificate Authority: Server Certificate (Slide Fifteen)
- Signing the Certificate Signing Request:
Using Our Private Certificate Authority: Server Certificate (Slide Sixteen)
Using Our Private Certificate Authority: Client Certificate (Slide Seventeen)
- Creating a Certificate Signing Request:
Using Our Private Certificate Authority: Client Certificate (Slides Eighteen)
- Signing the Client Signing Request:
Using Our Private Certificate Authority: Client Certificate (Slide Nineteen)
Using Our Private Certificate Authority: Certificate Revocation List (Slide Twenty)
- Revoking an Existing Digital Certificate
Publishing the Private Certificate Authority (Slide Twenty One)
- Setting MIME-type in Apache:
Review (Slide Twenty Two)
- The Basics:
- Review of Digital Certificates
- A Private Certificate Authority in Action
- The Nit and Gritty
- Creating a Private Certificate Authority
- Publishing the Private Certificate Authority
- Using Our Private Certificate Authority
Citation (Slide Twenty Three)
Hirsch, Frederick Introducing SSL and Certificates using SSLeay. 8 Oct 2002 <http://www.pseudonym.org/ssl/wwwj-index.html>.
Engelschall, Ralf User Manual mod_ssl Version 2.8 9 Oct. 2002 <http://www.modssl.org/docs/2.8/>
Resources (Slide Twenty Four)
- This Presentation:
- CD-ROM
- Upcoming Publication:
Mobily, Tony, Paul Weinstein, Mark Wilcox, Debashish Bhattacharjee, Sandip Bhattacharya, Brian Rickabaught. Apache Security. Birmingham: Wrox Press, 2003.
Resources (Slide Twenty Five)
- Apache HTTP Server Project
- Apache Week
Resources (Slide Twenty Six)
Any Questions (Slide Twenty Eight)
|
|
|
| |
Any sufficiently advanced technology is indistinguishable from magic.
-Arthur C. Clarke
|
|
|