Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Glossary

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z  |  Symbols

Certificate

Acronym(s):

None

Definition(s):

  A set of data that uniquely identifies a key pair and an owner that is authorized to use the key pair. The certificate contains the owner’s public key and possibly other information, and is digitally signed by a Certification Authority (i.e., a trusted party), thereby binding the public key to the owner.
Source(s): FIPS 186-4

  A digitally signed representation of information that 1) identifies the authority issuing it, 2) identifies the subscriber, 3) identifies its valid operational period (date issued / expiration date). In the information assurance (IA) community, certificate usually implies public key certificate and can have the following types:
A digital representation of information which at least (1) identifies the certification authority (CA) issuing it, (2) names or identifies its subscriber, (3) contains the subscriber’s public key, (4) identifies its operational period, and (5) is digitally signed by the certification authority issuing it.

Source(s): CNSSI 4009-2015 (NIST SP 800-32, CNSSI 1300, NIST SP 800-32, NIST SP 800-32, CNSSI 1300, CNSSI 1300)

  A digital representation of information which at least: (1) identifies the certification authority issuing it, (2) names or identifies its consumer, (3) contains the consumer's public key, (4) identifies its operational period, and (5) is digitally signed by the certification authority issuing it.
Source(s): NIST SP 800-146

  A digital representation of information which at least (1) identifies the certification authority issuing it, (2) names or identifies it’s Subscriber, (3) contains the Subscriber’s public key, (4) identifies it’s operational period, and (5) is digitally signed by the certification authority issuing it.
Source(s): NIST SP 800-32 (ABADSG)

  A digital representation of information which at least (1) identifies the certification authority issuing it, (2) names or identifies its subscriber, (3) contains the subscriber's public key, (4) identifies its operational period, and (5) is digitally signed by the certification authority issuing it.
Source(s): NIST SP 800-32 (ABADSG)

  As used in this CP, the term “Certificate” refers to certificates that expressly reference the OID of this CP in the “Certificate Policies” field of an X.509 v.3 certificate.
Source(s): NIST SP 800-32

  A set of data that uniquely identifies a key pair owner that is authorized to use the key pair, contains the owner’s public key and possibly other information, and is digitally signed by a Certification Authority (i.e., a trusted party), thereby binding the public key to the owner.
Source(s): NIST SP 800-89

  A digitally signed data structure defined in the X.509 standard [IS094-8] that binds the identity of a certificate holder (or subject) to a public key.
Source(s): NIST SP 800-15

  A set of data that uniquely identifies an entity, contains the entity’s public key and possibly other information, and is digitally signed by a trusted party, thereby binding the public key to the entity. Additional information in the certificate could specify how the key is used and its cryptoperiod.
Source(s): NIST SP 800-21 Second edition (NIST SP 800-57)

Synonym(s):
Public-Key Certificate
  A set of data that uniquely identifies an entity, contains the entity's public key and possibly other information, and is digitally signed by a trusted party, thereby binding the public key to the entity. Additional information in the certificate could specify how the key is used and its cryptoperiod.
Source(s): NIST SP 800-57 Part 1 Rev. 3   A set of data that uniquely identifies an entity, contains the entity's public key and possibly other information, and is digitally signed by a trusted party, thereby binding the public key to the entity.
Source(s): NIST SP 800-57 Part 3 Rev. 1   A data structure that contains an entity’s identifier(s), the entity's public key (including an indication of the associated set of domain parameters) and possibly other information, along with a signature on that data set that is generated by a trusted party, i.e. a certificate authority, thereby binding the public key to the included identifier(s).
Source(s): NIST SP 800-56A Rev. 2   A data structure that contains an entity’s identifier(s), the entity's public key and possibly other information, along with a signature on that data set that is generated by a trusted party, i.e. a certificate authority, thereby binding the public key to the included identifier(s).
Source(s): NIST SP 800-56B Rev. 1
See Also: