Getting to know the terms in the technical glossary for an app feature can help you better understand it.
Root Certificate: The top-most certificate in a certificate hierarchy, issued by a trusted Certificate Authority (CA), which signs other certificates.
Certificate Authority (CA): An entity that issues digital certificates and verifies the identity of the certificate holder.
Public Key Infrastructure (PKI): A framework that manages digital certificates and public-key encryption to secure communications.
Digital Certificate: An electronic document that uses a digital signature to bind a public key with an identity.
Certificate Chain: A sequence of certificates, starting from a root certificate down to the end-entity certificate, establishing a trust path.
Intermediate Certificate: A certificate issued by a root CA that acts as a bridge between the root certificate and end-entity certificates.
End-Entity Certificate: A digital certificate issued to an individual or organization, used to establish secure connections.
X.509: A standard that defines the format of public key certificates, including root certificates.
Certificate Revocation List (CRL): A list maintained by a CA that contains certificates that have been revoked before their expiration date.
Online Certificate Status Protocol (OCSP): A protocol used for obtaining the revocation status of an X.509 digital certificate in real time.
Self-Signed Certificate: A digital certificate that is signed by the same entity it certifies, rather than a trusted CA.
Trust Store: A repository of trusted root certificates that applications use to validate the authenticity of other certificates.
SSL/TLS: Secure Sockets Layer/Transport Layer Security; protocols that secure communications over a computer network using certificates.
Public Key: The key that is shared publicly and used for encrypting data or verifying signatures in asymmetric cryptography.
Private Key: The secret key that is kept confidential and used to decrypt data or create digital signatures in asymmetric cryptography.
Key Pair: A combination of a public key and a private key used in asymmetric encryption.
Signature Algorithm: The algorithm used by a CA to sign certificates, ensuring their integrity and authenticity.
Certificate Policy (CP): A document that specifies the rules and procedures for issuing and managing certificates by a CA.
Timestamping: A process that adds a digital timestamp to a certificate to indicate when it was issued or signed.
Expiration Date: The date when a digital certificate is no longer valid and must be renewed or replaced.