Outline for November 22, 2006

Reading: §10.6; 11.4.1; 12.1

  1. Greetings and felicitations!
    1. Puzzle of the day
  2. Cryptographic Key Infrastructure
    1. Certificate, key revocation
  3. Digital Signatures
    1. Judge can confirm, to the limits of technology, that claimed signer did sign message
    2. RSA digital signatures: sign, then encipher
  4. PEM, PGP
    1. Goals: confidentiality, authentication, integrity, non-repudiation (maybe)
    2. Design goals: drop in (not change), works with any RFC 821-conformant MTA and any UA, and exchange messages without prior interaction
    3. Use of Data Exchange Key, Interchange Key
    4. Review of how to do confidentiality, authentication, integrity with public key IKs
    5. Details: canonicalization, security services, printable encoding (PEM)
    6. PGP v. PEM
  5. Authentication
    1. validating client (user) identity
    2. validating server (system) identity
    3. validating both (mutual authentication)

You can also obtain a PDF version of this. Version of November 26, 2006 at 10:00 AM