Certificates | A digitally signed statement that contains information about an entity and the entity's public key, thus binding these two pieces of information together. A certificate is issued by a trusted organization (or entity) called a Certification Authority (CA) after the CA has verified that the entity is who it says it is. |
Certificate Authority | A Certificate Authority is a trusted third party that certifies that public keys truly belong to their claimed owners. It is a key part of any Public Key Infrastructure, since it allows users to trust that a given public key is the one they wish to use, either to send a private message to its owner or to verify the signature on a message sent by that owner. |
Certificate Revocation List | A list of certificates that have been revoked by the CA before they expired. This may be necessary if the private key certificate has been compromised or if the holder of the certificate is to be denied the ability to establish a tunnel to the CyberGuard SG appliance. |
Data Encryption Standard (DES) | The Data Encryption Standard is a block cipher with |
Dead Peer Detection | The method of detecting if the remote party has a stale set of keys and if the tunnel requires rekeying. To interoperate with the CyberGuard SG appliance, it must conform to the draft |
DHCP | Dynamic Host Configuration Protocol. A communications protocol that assigns IP addresses to computers when they are connected to the network. |
Group or Oakley Group | The groups used as the basis of Oakley protocol, and in IKE. |
Key Exchange | A protocol that allows two parties without any initial shared secret to create one in a manner immune to eavesdropping. Once they have done this, they can communicate privately by using that shared secret as a key for a block cipher or as the basis for key exchange. |
Distinguished Name | A list of attributes that defines the description of the certificate. These attributes include: country, state, locality, organization, organizational unit and common name. |
DNS | Domain Name System that allocates Internet domain names and translates them into IP addresses. A domain name is a meaningful and easy to remember name for an IP address. |
DUN | Dial Up Networking. |
Encapsulating Security Payload (ESP) | Encapsulating Security Payload is the IPSec protocol that provides encryption and can also provide authentication service. |
Encryption | The technique for converting a readable message (plaintext) into apparently random material (ciphertext) which cannot be read if intercepted. The proper decryption key is required to read the message. |
Ethernet | A physical layer protocol based upon IEEE standards. |