11 321
1 CA (Certication Authority) ( ) 1 3 CA S/MIME[104][105][106] SSL[107](Secure Sockets Layer), TLS[108](Transport Layer Security) WWW Netscape Microsoft Web SSL CA CA CA CA CA CA CA members only CA (moca) WIDE WIDE 1 Web SSL Web Web SSL 1 SSL Web WIDE WIDE CA 323
324 1997 WIDE WIDE Web SSL CA WIDE Web 2
2 CA 2.1 WIDE WIDE WIDE 2.1.1 WIDE WIDE 400 WIDE ID WIDE WIDE 20 WIDE ( ) 2.1.2 WIDE ( WG) WIDE 1 (5,7,11,12 ) (3,9 ) WIDE Web 325
326 1997 WIDE 2.2 Web 2.2.1 Web 2 2 Web Web SSL 2.2.2 SSL SSL Socket SSL X.509 [109][110] X.509 2.1 (CA) CA CA CA SSL Web Web CA Web SSLeay SSL Web 2.2
11 327 ( ) ( ID, ) ( ID ) 2.1: -------------------------------------------------------------------------------- /usr/local/etc/httpd/conf/.htpasswd /C=JP/O=WIDE Project/CN=abc@def.meiji.ac.jp:xxj31ZMTZzkVA ( ) /C=JP/O=WIDE Project/CN=abc@def.meiji.ac.jp -------------------------------------------------------------------------------- 2.2: 2.3 WIDE CA Web 2 Web WIDE ( Web CA )
328 1997 WIDE CA 2.4 Web 9 7 10 3 (= 230 ) 2.4.1 (= WIDE ) WIDE 1) 2) 2.4.2 2.3 CA ICAP1.0 [111]+ Web SSL Web Netscape Navigator 3.0 Netscape Communicator 4.0
SSL Web 11 329 Apache 1.2.+ SSLeay 0.6.6 SSL Web BSD/OS 2.1 Web (Apache+SSLeay) SunOS4.1.4 CA (ICAP+Apache+SSLeay) 2 4 3 1 Web (Netscape) OS 2.3: 2.4.3 2 1 ICAP CA X.509 ( 2.3 1,2) 2 Web SSL SSL Web Web ( 2.3 3,4) 2.4 2.5 1 Web 1 1 Netscape
330 1997 WIDE CA (ICAP) CA (CA ) ( 2.6) / 2.4: 1 Web 2.5: 2 2.4.4 1) 2) 3) WIDE 1) 2.1.1 2) 2.1.2
11 331 3) WIDE CA CA 2.6: 3 (1) 7 ( 6.2 ) CA CA (2) 9 CA PGP 2 (3) 9 CA (1) (2) CA (3) 2.4.5 1. SSL Web CA 2 (2) CA PGP
332 1997 WIDE 2. CA 3. 2.5 2.5.1 2.1 180 230 2.4.4 (1) (2) (3) (2) 2.1: WIDE (411) 2.5.2 2.2 7 127 1 56 CA
11 333 2.2: (180) 2.6 2.6.1 A 2.5.1 WIDE WIDE WIDE CA CA B 2.5.2 ICAP ICAP
334 1997 WIDE 2.6.2 A ICAP ICAP 3 100 CA 56 CA B SSL Web Windows UNIX OS OS C SSL Web (CRL) CA CRL Web CRL CRL 3 ICAP ICAP
11 335 Web WIDE CA 1. Web 2. ( ) CA CA 3. DN i) Web ii) Web CA 1 iii) Web 2.2
3 7 3 CA 1998 3 1998 3 6 1998 4 7 3.1 7 ( 2.3) 2 7 7 2 5 2 CRL Web SSL S/MIME SSL S/MIME ( 6.1.3 7 ) 2 CRL 336
11 337 SSL S/MIME 3.2 2.4.3 1 2 1 2 3.1 3.2 ( ) / 3.1: 1 ( 1) 3.1 2.4 3.1 3.2
338 1997 WIDE ( ) / 3.2: 1 ( 2) CA 3.1 2 2 1 1 1. 3.1 2. 7 3.2 3.3
11 339 1. 2.4.4 (2) 2. 7 7 3.4 2.4.5 7 1. SSL Web CA 2. CA 3. 4. CA 2 3.5 1998 4 60 7 7 1/3 2 14 3.3 3.3: 2 5 Netscape 3 2 4
340 1997 WIDE 3.6 3.6.1 7 1 1998 3 7 7,600 170 ( 2.4.4 (2)) 7 2.4.4 (2) 6.3 200 100 60 7 3.6.2 2 2 2 Netscape 1 3% S/MIME 1 Netscape 7 ( 4.04)
11 341 CRL SSL 2 CRL 3.6.3 Netscape 4.03 SSL S/MIME WIDE S/MIME WIDE CA Netscape Netscape 4.03 3.6.4 Web moca 1998 3 Web SSL Web Web SSL ( ) Web moca SSL Web Web
4 CA CA ( ) ( ) WIDE WIDE CA WIDE CA (WIDE 400 ) WIDE ID WIDE /VeriSign Class 1 Digital ID/ / PIN / / WIDE moca URL / ( ) 342
11 343 4.1: moca WIDE (Internet Explorer/Netscape Communicator Microsoft/Netscape ) S/MIME Web / VeriSign Class 1 Digital ID VeriSign Class 1 Digital ID VeriSign Class 1 Digital ID Revoke / Replace VeriSign WIDE PIN WIDE VeriSign PIN
5 CA 2 WIDE 2 2 ( ) 1 CA 7 Netscape 100 (1/4 ) 344
11 345 CA CA CA 3 4
6 6.1 moca WIDE members only CA 6.1.1 CA Sun SPARCStation2 OS SunOS 4.1.4 800Mbyte CA ICAP1.0 + (7 ) ICAP2.2 + ( ) Web Apache1.2 +SSLpatch (SSL ) SSL SSLeay-0.8.0 SSL SSL 6.1.2 CA 6.1 CA CA 1997 9 15 IPRA 10 346
11 347 IPRA IPRA Cert IPRA ICAT ICAT Cert IPRA... WIDE moca ISIT CA PILOT CA WIDE moca Cert ICAT 6.1: moca 6.1.3 7 X.509 1 3 (DN) Country JP( ) JP( ) Organization WIDE Project( ) WIDE Project( ) Organizational Unit ( ) ( ) Common Name WIDE ML Email(PKCS#9 ) ( ) WIDE ML X.509 ( 1 ) basic Constraints notca(0) certicatepolicies ICAP authorityinfoaccess(*) ICAP crldistributionpoints ICAP netscape-cert-type(**) SSLclient S/MIME (*) ICAT (**) Netscape : Version No = 2 Serial No = 20 Validity from 980227103939Z to 980611000000Z issuer: C=JP O=WIDE Project OU=members only CA subject:
348 1997 WIDE C=JP O=WIDE Project OU=NEC Corporation CN=Mine Sakurai emailaddress=m-sakura@ccs.mt.nec.co.jp signature: md5withrsaencryption publickey: alg = rsaencryption basicconstraints: not critical not CA certificatepolicies: not critical CertPolicyID: ICAT CPS PolicyQualifierInfo: policyidentifier: id-pkix-cps qualifier: http://www.icat.or.jp/ authorityinfoaccess: not critical authorityinfo: http://moca.wide.ad.jp/cgi-bin/calookupreq certstatus: http://moca.wide.ad.jp/cgi-bin/verifyreq crldistributionpoints: not critical DistributionPointName: fullname: http://moca.wide.ad.jp/cgi-bin/crlreq netscape-cert-type: not critical Type: SSLclient S/MIME 6.1.4 1 7 5 10 2 6.2 ( ) ---------------------------------------------------------------------- WIDE moca 1997 * CA * : * : * e-mail: (wide@wide e-mail ) : 7-=N@XLq ( CA ): ( )
11 349 : ------------ ------------ 1997 WIDE moca ( ) (e-mail ) * e-mail: (wide@wide e-mail ) : 7-=N@XLq URL <URL:http://moca.wide.ad.jp/index.html> 1 5 ---------------------------------------------------------------------- 6.3 6.3.1 6.2 6.3 6.3.2
350 1997 WIDE 6.2:
11 351 6.3: 1. ( 6.4) 6.4: Send Request 2. ( 6.5)
352 1997 WIDE 6.5: Issue Certicate CA CA (A) CA 3. ( 6.6) 512 Issue Certicate 4. ( 6.7) ( 6.8)... 4 5. ( 6.9)
11 353 6.6: 6.7: ( 6.10)
354 1997 WIDE 6.8: ( ) 6.9: 5... 5 Web Netscape 6. ( 6.11) Netscape 7. ( 6.12)
11 355 6.10: ( ) 6.11: (111 111) 12. ( 6.13) Communicator Communicator(C) (S)... 7
356 1997 WIDE 6.12: 6.13: