NOTA BENE - WORK IN PROGRESS - Your Inputs & Thoughts
Also look at Glossary.
CAcert.org Glossary & Abbreviations
Purpose
- From "Babylon" towards a common understanding of names or expressions and their meaning in the English language, as well as in local languages, as CAcert.org is an International (Open Source?) Project.
- CAcert.org serving as Source for Cryptography Naming Convention for various Languages
Benefits for CAcert.org Community & Certificate Users
- Everybody talks about the same thing and understands the same, as we have a common understanding of the meaning of a word or an expression and its abbreviations. Thus, misunderstandings in communication are likely to happen less often.
Localizations of Glossary & Abbreviations are available in Deutsch (German), Nederlands (Dutch), Français (French), Italiano (Italian). But keep in mind that the English language is decisive, as on the one hand CAcert.org is an International Open Source (?) project and on the other hand the vast majority of expressions have English language roots.
Glossary & Abbreviations
Inputs from: YourName
- Double entries are possible, due to a different name but the same abbreviation, e.g.: Assurance Policy is the same as CAcert.org Assurance Policy
#
Expression in English
Abbreviation
Description / Explanation / Purpose
3rd-party Vendors
3PV
groups who ship software that might include our root key
3PV-DaL
A licence that permits the 3PV to distribute our root key
A
Expression in English
Abbreviation
Description / Explanation / Purpose
Address Validation
AV
Is the verification of the control of an email address of an email account, only. Intended for certificates issued to individuals (assumption) for use with S/MIME email.
more about mozilla.org - CA Glossary
Access Control List
ACL
Is a list of permissions attached to an object. An ACL specifies which users - or system processes - are granted access to objects, as well as what operations are allowed to be performed on given objects.
more about en.wikipedia.org
Alice
the first party in a cryptographic protocol. See Alice & Bob
Alice and Bob
the concept of using human names for describing protocols. Alice is the first person, Bob the second. Then, Carol. Trent is a TTP. See wikipedia for the full list
Arbitrated Background Check
ABC
A check conducted under direction of Arbitrator, generally for critical roles under SP9.1.4. Similar to positive vetting.
Arbitrator
(A)
The name of the person who hears and rules on disputes within our Community.
Arbitration
The form of Dispute Resolution used in CAcert, which involves an agreed person adjudicating a dispute rather than a Judge/Magistrate. See DRP.
Arbitration Clause
Under the concept of Arbitration, this is the clause that signals to all that we have agreed Arbitration up-front, in our original contracts.
Association
CAcert Inc
being the Association, incorporated in NSW Australia, which manages the intellectual property and CA assets of the Community
Association Member
a fully-paid up member of the Association CAcert Inc. Not to be confused with Member, which is someone who has agreed to CCA. Always write Association Member in full, not as Member.
Assurance
Is the CAcert process to build the web-of-trust, known in the PKI world as Registration, or verification and validation.
Assurer
Is a person who verifies the Assurance Statement from AP. Has to have 100 Assurance Points and pass the Assurer Challenge.
AH
A working manual under control of the Assurance Officer for the detailed work of the Assurer
AO
officer appointed by the Board to deal with management of the Assurance Policy and the CAP
Assurance Points
Is a measure or metric of the confidence in the Assurance Statement (not to be confused with Experience Points, which are combined on the website). Assurance Points go from 0 to 100.
AP
The policy that controls Assurance and the CAP.
Assurance Training Event
ATE
Is an updating and testing event to bring Assurers up to speed with new developments, and provide reliable data for audit
Assurance Statement
the high-level set of things that the Assurer feeds into the web-of-trust.
Author Domain Signing Practices
ADSP
Is an optional extension to the E-mail authentication scheme DKIM, whereby a domain can publish the signing practices it adopts when relaying mail on behalf of associated authors. ADSP was adopted as a standards track RFC 5617
more about Technical Standards - RFC 5617
more about en.wikipedia.org
B
Expression in English
Abbreviation
Description / Explanation / Purpose
Board of CAcert
Board
the usual name of the committee of the association
C
Expression in English
Abbreviation
Description / Explanation / Purpose
CAcert.org Arbitrator
See Arbitrator
CAcert.org Arbitration
See Arbitration
CAcert.org Assurer
See Assurer
CAcert.org ORGA-Assurer
OA
See Organisation Assurer
CAcert.org Assurance Policy
AP
See AP
CAcert.org Assurance Programme
CAP
Is the process, policies and practices for CAcert's Assurance. NB: Programme and Program are English/American equivalent spellings.
CAcert Assumption of Privacy in Email
CAPE
A suggestion of a way to indicate privacy of email is desired by sender, not so far adopted (probably too close to CAP)
CAcert.org Assurer Testing System
CATS
An automated testing system for the basic level (not: Cybernetic Android Trained for Sabotage)
CAcert.org Assurer Reliable Proposition
CARP
(not adopted, was an early form of CARS)
CAcert.org Assurer Reliable Statement
A general statement that can be relied upon by others in the same sense as a certificate or CAP form. Add CARS to your name in an email to make such a statement, and digitally sign it.
CAcert Community Agreement
CCA
The agreement that all members of the Community sign up with
CAcert.org Official Document
COD
A document created under CCS for audit & policy purposes. CODs are listed in the Controlled Document List or CDL
CAcert.org Organisation Assurance Programme
COAP
CAcert.org Policy on Junior / Assurer Members
PoJAM
Is the policy...
Case Manager (in Arbitrations)
CM
The administrative helper who oversees the detail of a given Arbitration. Assists the Arbitrator
Certification Authority
CA
A maker of Reliable Statements over Persons, which are encoded in Certificates in x.509. CAcert has a CA.
more about en.wikipedia.org
Certificate Policy
CP
A PKI document, not used in CAcert as the CP is folded into the CPS
Certificate Revocation List
CRL
Is a list of certificates - more specifically, a list of serial numbers for certificates - that have been revoked or are no longer valid, and therefore should not be relied upon.
more about Technical Standards - RFC 3280
more about en.wikipedia.org
CPS
The headline document that is expected by the PKI community to document a CA's practices
Certificate Signing Request
CSR
Is a message sent from an applicant to a certificate authority in order to apply for a digital identity certificate. Before creating a CSR, the applicant first generates a key pair, keeping the private key secret.
more about en.wikipedia.org
Claimant (in Arbitrations)
(C)
A person who files a dispute under DRP and makes some claims within the filing that have to be answered. See Respondent
Committee of CAcert
Board
The elected Association Members who manage the executive affairs of the Community and the Association
Community
The group of Members who have agreed to the CCA
CCS
the top level index to audit, matching the requirements of DRC-A.1
CDL
the list of documents that are controlled for audit purposes under CCS, known also by their COD number
D
Expression in English
Abbreviation
Description / Explanation / Purpose
Domain Name System
DNS
Is a hierarchical naming system for computers, services, or any resource connected to the Internet or a private network. As an analogy, it serves as the "phone book" for the Internet by translating human-friendly computer hostnames into IP addresses.
more about en.wikipedia.org
DomainKeys Identified Mail
DKIM
Is an email anti-spoofing protocol using digital signatures. It provides senders with a way to prove email from their domain has not been tampered with or forged, and provides receivers a mechanism to validate email content without prior arrangement.
more about Technical Standards - RFC 4871
more about en.wikipedia.org
David Ross Criteria
DRC
The criteria used as the framework of review points for a systems audit of CAcert
Digital (public key cryptography) Signature
digsig
a mathematical transform made over a document, generally by means of a public key algorithm like RSA or DSA. These are mostly used in authentication protocols like TLS. Sometimes they are used as part of a digital signing protocol, but the term should not be confused with digital signing.
digital signing
A protocol to emulate the adding of a human ("manuscript") signature signalling intent to agree to a document. Sometimes but badly confused with Digital Signature or digsig. CAcert's CPS warns that digital signing is only permitted within some wider regime or protocol
Dispute Resolution Officer
DRO
The person appointed by board to manage the system of Arbitration under DRP
DRP
The policy that creates the forum of Arbitration and the rules of Dispute Resolution
DRAFT status
DRAFT
The status where the policy group has voted a policy into binding over the Community. However the document remains changeable within the policy group, as the group prepares it for its final POLICY status.
E
Expression in English
Abbreviation
Description / Explanation / Purpose
Experience Points
points allocated to reflect the experience gained by an Assurer as more Assurances are done. Generally, 2 points for each Assurance done. They start at 0 and end at 50. (In the old system, Assurance Points were added to Experience Points.)
End-Entity
EE
A certificate belonging to a non-CA entity, e.g. you, me or the computer on your desk.
I
Expression in English
Abbreviation
Description / Explanation / Purpose
Individual
CAcert's preferred term for a natural person under law, meaning a human being. It is preferred to the legal term because it is clearer.
Internationalized Domain Name
IDN
Is an Internet domain name that may contain characters written in a non-Latin script, such as Arabic, Chinese, Cyrillic, Devanagari, Georgian, Greek, Hebrew, and many others. These names contain one or more non-ASCII characters that may be Latin letters with diacritics, or elements of entirely non-alphabetic scripts.
more about en.wikipedia.org
more on Mozilla IDN-enabled TLDs
J
Expression in English
Abbreviation
Description / Explanation / Purpose
Just A Document
JAD
occasional term to indicate a document that is not intended for policy track but is otherwise useful
L
Expression in English
Abbreviation
Description / Explanation / Purpose
Lightweight Directory Access Protocol
LDAP
Is an application protocol for querying and modifying directory services running over TCP/IP.
more about en.wikipedia.org
M
Expression in English
Abbreviation
Description / Explanation / Purpose
Member of the Community
Member
Someone who has agreed to the CCA by signing up on the website or participating in an Assurance. Not to be confused with (Association Member) which is a member of the Association.
miniTOP
miniTOP
a physical meeting of a team, see TOP. Don't forget to write up minutes, we love to hear what is going on!
miniminiTOP
mmT
a small meeting of some team members, often accidental or informal, no minutes only beer
miniminiminiTOP
mmmT
a miniminiTOP in a mini
Multipurpose Internet Mail Extensions
MIME
Is an Internet standard that extends the format of e-mail to support: text in character sets other than ASCII, non-text attachments, message bodies with multiple parts, and header information in non-ASCII character sets. Signature with application/x-pkcs7-signature is defined in S/MIME.
more about en.wikipedia.org
N
Expression in English
Abbreviation
Description / Explanation / Purpose
Non-Repudiation
NR
the concept of ensuring that a party in a dispute cannot repudiate, or refute the validity of a statement or contract. Generally, this is a concept that is conceptual, not realisable. It is not used or offered by CAcert.
Non-related Person
NRP
A non-related person is someone who comes into contact with our certificates, but neither we nor they know about it. Typically, through seeing an SSL website or a signed email. They are not a "party" to our contracts because they have not ever seen them, a legal conundrum.
NRP's old Disclaimer and License
NRP's old D a L
This old now-withdrawn licence attempted to solve the issue but was withdrawn. Its role is replaced by RDL. See also USE
O
Expression in English
Abbreviation
Description / Explanation / Purpose
OFFER
The CAcert term-of-art to describe making a certificate available for others to use. See also RELY and USE. Always in caps.
Online Certificate Status Protocol
OCSP
Is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate. It was created as an alternative to certificate revocation lists (CRL), specifically addressing certain problems associated with using CRLs in a public key infrastructure (PKI).
more about Technical Standards - RFC 2560
more about en.wikipedia.org
Open source Ticket Request System
OTRS
a trouble-ticket system that we use to manage our Support requests, see http://otrs.org/
Organisation Administrator
OrgAdmin (old: "O-Admin")
the person within an Organisation who is responsible for managing the certificates within. Must be an Assurer. See OAP 2.3
Organisation
Org
CAcert's name for "legal persons" being groups and entities that have some way to externally evidence their existence
Organisation Assurance
OrgA
The practices and processes to meet the Assurance need over Organisations
OAM ?
The document that details the working and day-to-day procedures for Organisation Assurance.
Organisation Assurance Policy
OAP
The policy that controls all Assurance over Organisations
Organisation Assurer
OA
An Assurer who has passed additional training and testing for Organisations, under OAP 2.2
Organisation Assurers Training Event
(does not exist? a thought experiment or desire?)
Organisation Assurance Officer
OAO
the board-appointed OA that manages the Organisation Assurance policy and practices
P
Expression in English
Abbreviation
Description / Explanation / Purpose
Parental consent Form
PCF
Personally Identifiable Information
PII
this is the term favoured by privacy regulators to indicate information or data that can be used to uniquely identify and track a person.
Policy
pol
A document that probably is required by Audit, listed in the CDL
POLICY status
POLICY
the status of a document that is fully approved to be binding over the Community. See WIP and DRAFT
Policy Group
the group of people that can create and approve policies of the community, found on the cacert-policy maillist
Policy Officer
PO
A Board-appointed person who manages documents on policy track and other things under PoP
Policy on Junior / Assurer Members
PoJAM
The subsidiary policy under AP that states how Juniors can become Members and/or Assurers
PoP
The Policy that gives to the Policy Group the power to create further Policies. This policy was bootstrapped into existence by being approved by the Board at 2007 TOP.
policy track
the journey a document takes from WIP to DRAFT to POLICY
Privacy Policy
PR
prospective Organisation Assurer
pOA
An Assurer who has been trained for Organisation Assurance, under OAP 2.2
Public-Key Cryptography Standards
PKCS
In cryptography, PKCS refers to a group of Public-Key Cryptography Standards devised and published by RSA Security.
more about en.wikipedia.org
Public Key Infrastructure
PKI
1. Is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital keys using asymmetric (public, private) keys.
2. Is the above set with particular reference to the x.509 standard (assumes certificates and CAs).
3. Contrasting to PGP WoT.
more about en.wikipedia.org
R
Expression in English
Abbreviation
Description / Explanation / Purpose
Registration Authority
RA
Collectors and verifiers of evidence for Reliable Statements to be later put into certificates by the CA. In CAcert, our Assurers are our RAs, and together they operate the WoT or Web of Trust.
RELIANCE
The CAcert term-of-art to describe making a decision based on the information in our certificate. Available to our Members, not others. See also OFFER and USE. Always in Caps.
Relying Party Agreement
RPA
The common industry term for the contract between a CA and users who are permitted to rely on the certificates. For CAcert, the CAcert Community Agreement permits reliance, and is more or less our RPA (however there are some assumptions in classical RPAs which are not matched by our structure)
Respondent (in Arbitrations)
(R)
Someone who is named by the Claimant as needing to respond to some claims made to an Arbitrator in a duly filed dispute under DRP. The claims are often administrative, but need not be. The most common claim is about the precise spelling of a Name.
Risks, Liabilities and Obligations
R/L/O
Risks, Liabilities and Obligations as requested by DRC A.6 Declarations of Risks and Liability
S
Expression in English
Abbreviation
Description / Explanation / Purpose
Software-Assessor
SA
according to SP, this is the software who reviews patches and transfers them to the critical team
Software Assessment Project
SAP
see Software/Assessment for detailed infos
Secure/Multipurpose Internet Mail Extensions
S/MIME
Is a standard for public key encryption and signing of e-mail encapsulated in MIME. S/MIME is on an IETF standards track and defined in a number of documents, most importantly RFCs.
more about en.wikipedia.org
Secure Socket Layer
SSL
Technically, a cryptographic network protocol and predecessor of Transport Layer Security (TLS)
In wider usage, it is the overall usage of secure connections of SSL v2 and TLS protocols, extending into use of certificates, CAs and policies.
Security Manual
SM
Security Policy
SP
Server Name Indication
SNI
Is a feature that improves the SSL and TLS protocol. It permits the client to request the domain name, before the certificate is committed to by the server. This is essential for using TLS in virtual hosting mode.
more about en.wikipedia.org
Single Sign On
SSO
a conceptual term covering systems of authentication that allow a person to connect to many different systems, using only one "login" protocol. Typically, popular SSOs are client certificates (our favourite), OpenID, LDAP, various Microsoft projects (InfoCard, .NET). However, none have taken off in big form for various reasons.
Subversion
SVN
Version Control system used by CAcert - svn.cacert.org for storing documents and source code under version control
Support Engineer
SE
A critical role who has the ability to search members' accounts, read PII and adjust features. Controlled under Security Policy.
Support Officer
SO
the team leader for the Support Team
T
Expression in English
Abbreviation
Description / Explanation / Purpose
Transmission Control Protocol / Internet Protocol
TCP/IP
Is...
TOP
TOP
physical meeting of the Board and senior people in CAcert, from Pirmasens TOP in 2007
Top-Level Domain
TLD
Is one of the domains at the highest level in the hierarchical Domain Name System of the Internet.
more about en.wikipedia.org
Transport Layer Security
TLS
Is a cryptographic network protocol and successor of Secure Sockets Layer (SSL), that provides security for communications over networks such as the Internet and encrypts the segments of network connections at the Transport Layer end-to-end.
more about Technical Standards - RFC 5246
more about en.wikipedia.org
Trent
the name of a persona in a protocol who is acting as a TTP
Triage First Responders Team
Triage
the team of people who read incoming support requests and pass them quickly to a small number of channels being Arbitration, Support Engineers, and, a small number of buckets like Junk.
Trusted Third Party
TTP
Is a PKI term for some person who covers a hole in governance somewhere. It is a hand-waving way to solve a technical problem by passing it across to some Oracle who can Know these things. Also known as a CVP or Centralised Vulnerability Party. Typically, a CA is considered to be a TTP.
U
Expression in English
Abbreviation
Description / Explanation / Purpose
Universal Time, Coordinated
UTC
the ISO name for the time we use for meetings. Also GMT or Greenwich Mean Time or Zulu Time
USAGE
The CAcert term-of-art to describe the act of your software in conducting its tasks, incorporating our certificates. See also RELY and OFFER. Always in caps.
W
Expression in English
Abbreviation
Description / Explanation / Purpose
Web of Trust
WoT
Is a method for gathering and sharing statements, within a community, where each individual states something over some other individual. The entire statements are aggregated in some fashion. In terms of technical implementations, the most commonly known ones are CAcert's WoT (see CAP) and the PGP WoT
Whois Data Reminder Policy
WDRP
Is...
cacert.org whois data reminder
more about Web Site ICANN
Work In Progress status
WIP
A document that is on policy track, that is, it is intended to go to DRAFT then POLICY
Z
Expression in English
Abbreviation
Description / Explanation / Purpose
Zulu Time
Z or Zulu
another name for UTC or GMT, just added so the Z section isn't lonely
Inputs & Thoughts
YYYYMMDD-YourName
Text / Your Statements, thoughts and e-mail snippets, Please
20091213-PieterVanEmmerik
Why is this 2 levels deep and hard to find? At the moment there are 3 places with Glossary and Abbreviations! This should be easy to find and easy to use. Can someone create a link on the main page to "the" Glossary & Abbreviations page?
20100420-Iang
Another good resource on infosec terms relevant to CAcert is Roger Clarke's A Sufficiently Rich Model of (Id)entity, Authentication and Authorisation, (IDIS 2009) and the associated Glossary.