1·Open public certificate issuing systems.
开放式公共证书发布系统。
2·Closed private certificate issuing systems.
封闭私有证书发布系统。
3·Closed vs open certificate issuing systems.
封闭证书发布系统和公开证书发布系统。
4·To verify that the server issuing the certificate is an approved LDAP server, the client is configured only to accept certificates that are signed by a local certificate Authority (ca).
要验证发行这个证书的服务器是一个已经批准过的LDAP服务器,客户机被配置为只接受本地证书机构(CA)所签署的证书。
5·Most certificate authorities attempt to verify a person's identity to the best of their ability before issuing a digital certificate with that person's name on it.
大部分认证权威都会在发行带有个人名的数字证书之前就试图验证他的身份就是本人。
6·Before issuing a certificate, Certification Authorities run appropriate background checks on the requestor to verify that the requestor is who they say they are.
在签发证书前,认证中心对请求方进行适当的背景检查,以验证该请求方就是它自己所声称的请求方。
7·But what happens if just one of these CAs is tricked into issuing a fraudulent certificate?
但是如果有一个CA签发了一个错误认证,那会发生什么事呢?
8·During the lifetime of a digital certificate, the issuing ca might determine that the certificate is no longer to be trusted.
在一张数字证书的生命期中,正在签发的CA可能会决定该证书不再可信。
9·In addition, a reputable certificate authority will require proof of the requestor's identity before issuing a certificate.
此外,著名的证书颁发机构需要先验证请求者的身份,然后才会颁发证书。
10·The criteria can be different for each PKI, but once the CSR is approved, the CA fulfils the request by issuing a certificate.
对于每个 PKI,标准可能各不相同,但在批准 CSR 之后,CA 将通过颁发证书来完成请求。