## page was renamed from Brain/Assurer'sCryptographyLibrary/GlossaryAbreviations
## page was renamed from Brain/CryptographyLibrary/GlossaryAbreviations
. '''NOTA BENE - WORK IN PROGRESS''' - [[#Inputs_.26_Thoughts|Your Inputs & Thoughts]] :-)
. '''To Brain''' '''[[Brain#CAcert.org_Assurer.27s_.26_Cryptography_Library|CAcert.org Assurer's & Cryptography Library]]''' - '''To CAcert.org ''' '''[[Brain/Assurer'sCryptographyLibrary|Assurer's & Cryptography Library - Overview]]''' - '''To CAcert.org [[Community]]'''
. '''Also look at [[Glossary]].'''
[[Brain/Assurer'sCryptographyLibrary/GlossaryAbbreviations/CZ|česky]] | [[Brain/Assurer'sCryptographyLibrary/GlossaryAbbreviations/DA|dansk]] | [[Brain/Assurer'sCryptographyLibrary/GlossaryAbbreviations/DE|deutsch]] | '''english''' | [[Brain/Assurer'sCryptographyLibrary/GlossaryAbbreviations/ES|español]] | [[Brain/Assurer'sCryptographyLibrary/GlossaryAbbreviations/FR|Français]] | [[Brain/Assurer'sCryptographyLibrary/GlossaryAbbreviations/IT|italiano]] | [[Brain/Assurer'sCryptographyLibrary/GlossaryAbbreviations/LN|lingála]] | [[Brain/Assurer'sCryptographyLibrary/GlossaryAbbreviations/HU|magyar]] | [[Brain/Assurer'sCryptographyLibrary/GlossaryAbbreviations/NL|netherlands]] | [[Brain/Assurer'sCryptographyLibrary/GlossaryAbbreviations/PL|polski]] | [[Brain/Assurer'sCryptographyLibrary/GlossaryAbbreviations/PT|português]] |
== CAcert.org Glossary & Abbreviations ==
<
>
== Purpose ==
. From "Babylon" towards a common understanding of names or expressions and their meaning in English language, as well in local languages, as CAcert.org is an International (Open Source?) Project.
. CAcert.org serving as Source for Cryptography Naming Convention for various Languages
<
>
== Benefits for CAcert.org Community & Certificate Users ==
. Everybody talks about the same thing and understands the same, as we have a common understanding of the meaning of a word or an expression and it's abbreviations. Thus, misunderstandings in communication are likely to happen less often.
. Localizations of Glossary & Abbreviations are available in '''[[Brain/Assurer'sCryptographyLibrary/GlossaryAbbreviations/DE|Deutsch]]''' (German), '''[[Brain/Assurer'sCryptographyLibrary/GlossaryAbbreviations/NL|Nederlans]]''' (Dutch), '''[[Brain/Assurer'sCryptographyLibrary/GlossaryAbbreviations/FR|Français]]''' (French), '''[[Brain/Assurer'sCryptographyLibrary/GlossaryAbbreviations/IT|Italiano]]''' (Italian). But keep in mind, that English language is decisive, as on one hand CAcert.org is an International Open Source (?) project and on the other hand, the waste majority of expressions have English language roots.
== Glossary & Abbreviations ==
. Inputs from: YourName
. Double entries are possible, due different name but same abreviation, e.g.: Assurance Policy is the same as CAcert.org Assurance Policy
<
>
. '''#''' - '''[[#A|A]]''' - '''[[#B|B]]''' - '''[[#C|C]]''' - '''[[#D|D]]''' - '''[[#E|E]]''' - '''[[#F|F]]''' - '''[[#G|G]]''' - '''[[#H|H]]''' - '''[[#I|I]]''' - '''[[#J|J]]''' - '''[[#K|K]]''' - '''[[#L|L]]''' - '''[[#M|M]]''' - '''[[#N|N]]''' - '''[[#O|O]]''' - '''[[#P|P]]''' - '''[[#Q|Q]]''' - '''[[#R|R]]''' - '''[[#S|S]]''' - '''[[#T|T]]''' - '''[[#U|U]]''' - '''[[#V|V]]''' - '''[[#W|W]]''' - '''[[#X|X]]''' - '''[[#Y|Y]]''' - '''[[#Z|Z]]'''<
>
==== # ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
|| 3rd-party Vendors || '''3PV''' || groups who ship software that might include our root key ||
|| [[https://svn.cacert.org/CAcert/Policies/Agreements/3PVDisclaimerAndLicence.html|3pv -- Disclaimer and Licence]] || '''3PV-DaL''' || A licence that permits the 3PV to distribute our root key ||
||''' ? ''' || || ||
==== A ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
||'''Address Validation''' ||'''AV''' ||Is the verification of the control of an email address of an email account, only. Intended for certificates issued to individuals (assumption) for use with S/MIME email. <
> more about [[https://wiki.mozilla.org/CA:Glossary|mozilla.org - CA Glossary]] ||
||'''Access Control List''' || '''ACL''' || Is a list of permissions attached to an object. An ACL specifies which users - or system processes - are granted access to objects, as well as what operations are allowed to be performed on given objects. <
> more about [[http://en.wikipedia.org/wiki/Access_control_list| en.wikipedia.org]] ||
|| Alice || || the first party in a cryptographic protocol. See Alice & Bob ||
|| Alice and Bob || || the concept of using human names for describing protocols. Alice is the first person, Bob the second. Then, Carol. Trent is a TTP. See [[http://en.wikipedia.org/wiki/Alice_and_Bob|wikipedia]] for the full list ||
||'''Arbitrated Background Check''' || '''ABC''' || A check conducted under direction of Arbitrator, generally for critical roles under [[https://svn.cacert.org/CAcert/Policies/SecurityPolicy.html#s9.1.4|SP9.1.4]]. Similar to positive vetting. ||
||'''Arbitrator''' || '''(A)''' || The name of the person who hears and rules on disputes within our Community. ||
||'''Arbitration''' || || The form of Dispute Resolution used in CAcert, which involves an agreed person adjudicating a dispute rather than a Judge/Magistrate. See DRP. ||
|| '''Arbitration Clause''' || [[http://www.cacert.org/policy/CAcertCommunityAgreement.php#3.2|CCA3.2]]''' || Under the concept of Arbitration, this is the clause that signals to all that we have agreed Arbitration up-front, in our original contracts. ||
|| '''Association''' || CAcert Inc || being the Association, incorporated in NSW Australia, which manages the intellectual property and CA assets of the Community ||
|| '''Association Member'''|| || a fully-paid up member of the Association CAcert Inc. ''Not to be confused with Member, which is someone who has agreed to CCA. Always write Association Member in full, not as Member.'' ||
||'''Assurance ''' || || Is the CAcert process to build the ''web-of-trust'', known in the PKI world as Registration, or verification and validation. ||
||'''Assurer ''' || ||Is a person who verifies the Assurance Statement from AP. Has to have 100 Assurance Points and pass the Assurer Challenge. ||
||'''[[AssuranceHandbook|Assurance Handbook]]''' || '''AH''' || A working manual under control of the Assurance Officer for the detailed work of the Assurer ||
||'''[[AssuranceOfficer|Assurance Officer]] ''' || '''AO''' || officer appointed by the Board to deal with management of the Assurance Policy and the CAP ||
||'''Assurance Points ''' || || Is a measures or metric of the confidence in the Assurance Statement (not to be confused with Experience Points, which are combined on the website). Assurance Points go from 0 to 100. ||
||'''[[http://www.cacert.org/policy/OrganisationAssurancePolicy.php|Assurance Policy]]''' ||'''AP''' || The policy that controls Assurance and the CAP. ||
||'''Assurance Training Event''' ||'''ATE''' || Is an updating and testing event to bring Assurers up to speed with new developments, and provide reliable data for audit ||
|| Assurance Statement || || the high-level set of things that the Assurer feeds into the web-of-trust. ||
||'''Author Domain Signing Practices''' || '''ADSP''' ||Is an optional extension to the E-mail authentication scheme '''[[#D|DKIM]]''', whereby a domain can publish the signing practices it adopts when relaying mail on behalf of associated authors. ADSP was adopted as a standards track RFC 5617 <
> more about '''[[Brain/PoliciesAndSignificantTechnicalStandards#Significant_Technical_Standards|Technical Standards - RFC 5617]]''' <
> more about [[http://en.wikipedia.org/wiki/Author_Domain_Signing_Practices| en.wikipedia.org]] ||
||''' ? ''' || || ||
==== B ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
|| '''Board of CAcert''' || Board || the usual name of the committee of the association ||
||''' ? ''' || || ||
==== C ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
||'''CAcert.org Arbitrator''' || || See Arbitrator ||
||'''CAcert.org Arbitration''' || || See Arbitration ||
||'''CAcert.org Assurer ''' || || See Assurer ||
||'''CAcert.org ORGA-Assurer ''' || OA || See Organisation Assurer ||
||CAcert.org '''Assurance Policy ''' ||'''AP''' || See AP ||
||'''CAcert.org Assurance Programme''' ||'''CAP''' ||Is the process, policies and practices for CAcert's Assurance. ''NB: Programme and Program are English/American equivalent spellings.'' ||
||CAcert Assumption of Privacy in Email ||'''CAPE'''|| A suggestion of a way to indicate privacy of email is desired by sender, not so far adopted (probably too close to CAP)||
||'''CAcert.org Assurer Testing System''' ||'''CATS'''|| An automated testing system for the basic level (not: Cybernetic Android Trained for Sabotage) ||
||CAcert.org Assurer Reliable Proposition ||CARP || (not adopted, was an early form of CARS) ||
||'''CAcert.org Assurer Reliable Statement''' ||'''[[CARS]]''' || A general statement that can be relied upon by others in the same sense as a certificate or CAP form. Add CARS to your name in an email to make such a statement, and digitally sign it. ||
||'''CAcert Community Agreement''' ||'''CCA'''|| The agreement that all members of the Community sign up with ||
||'''CAcert.org Official Document''' ||'''COD'''|| A document created under [[https://svn.cacert.org/CAcert/Policies/ConfigurationControlSpecification.html|CCS]] for audit & policy purposes. CODs are listed in the [[https://svn.cacert.org/CAcert/Policies/ControlledDocumentList.html|Controlled Document List or CDL]] ||
||'''CAcert.org Organisation Assurance Programme''' ||'''COAP'''|| ||
||'''CAcert.org Policy on Junior / Assurer Members''' ||'''PoJAM''' ||Is the policy... || ||
||'''Case Manager (in Arbitrations)''' ||'''CM'''|| The administrative helper who oversees the detail of a given Arbitration. Assists the Arbitrator ||
||'''Certification Authority''' ||'''CA''' || A maker of Reliable Statements over Persons, which are encoded in Certificates in x.509. CAcert has a CA. <
> more about [[http://en.wikipedia.org/wiki/Certificate_authority|en.wikipedia.org]]||
||'''Certificate Policy''' ||'''CP'''|| A PKI document, not used in CAcert as the CP is folded into the CPS ||
||'''Certificate Revocation List''' ||'''CRL''' ||Is a list of certificates - more specifically, a list of serial numbers for certificates - that have been revoked or are no longer valid, and therefore should not be relied upon. <
> more about '''[[Brain/PoliciesAndSignificantTechnicalStandards#Significant_Technical_Standards|Technical Standards - RFC 3280]]''' <
> more about [[http://en.wikipedia.org/wiki/Certificate_revocation_list|en.wikipedia.org]] ||
||'''[[http://www.cacert.org/policy/CertificationPracticeStatement.php|Certification Practise Statement]]''' ||'''CPS'''|| The headline document that is expected by the PKI community to document a CA's practices ||
||'''Certificate Signing Request''' ||'''CSR''' ||Is a message sent from an applicant to a certificate authority in order to apply for a digital identity certificate. Before creating a CSR, the applicant first generates a key pair, keeping the private key secret. <
> more about [[http://en.wikipedia.org/wiki/Certificate_signing_request|en.wikipedia.org]] ||
||'''Claimant (in Arbitrations)''' ||'''(C)'''|| A person who files a dispute under DRP and makes some claims within the filing that have to be answered. See Respondent ||
|| '''Committeee of CAcert''' || Board || The elected Association Members who manage the executive affairs of the Community and the Association ||
|| '''Community''' || || The group of Members who have agreed to the CCA ||
||'''[[http://svn.cacert.org/CAcert/Policies/ConfigurationControlSpecification.html|Configuration-Control Specification]]''' || '''CCS''' || the top level index to audit, matching the requirements of DRC-A.1 ||
||'''[[http://svn.cacert.org/CAcert/Policies/ControlledDocumentList.html|Controlled Document List]]''' || CDL || the list of documents that are controlled for audit purposes under CCS, known also by their COD number ||
||''' ? ''' || || ||
==== D ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
||'''Domain Name System''' ||'''DNS''' ||Is a hierarchical naming system for computers, services, or any resource connected to the Internet or a private network. As an analogy, it serves as the "phone book" for the Internet by translating human-friendly computer hostnames into IP addresses. <
> more about [[http://en.wikipedia.org/wiki/Domain_Name_System|en.wikipedia.org]] ||
||'''[[#D|DomainKeys]] Identified Mail''' ||'''DKIM''' ||Is an email anti-spoofing protocol using digital signatures. It provides senders with a way to prove email from their domain has not been tampered or forged, and provides receivers a mechanism to validate email content without prior arrangement. <
> more about '''[[Brain/PoliciesAndSignificantTechnicalStandards#Significant_Technical_Standards|Technical Standards - RFC 4871]]''' <
> more about [[http://en.wikipedia.org/wiki/DKIM|en.wikipedia.org]] ||
|| '''David Ross Criteria''' || '''DRC''' || The criteria used as the framework of review points for a systems audit of CAcert ||
|| '''Digital (public key cryptography) Signature''' || '''digsig''' || a mathematical transform made over a document, generally by means of a public key algrithm like RSA or DSA. These are mostly used in authentication protocols like TLS. Sometimes they are used as part of a digital signing protocol, but the term should not be confused with digitial signing. ||
|| '''digital signing''' || || A protocol to emulate the adding of a human ("manuscript") signature signalling intent to agree to a document. Sometimes but badly confused with Digital Signature or digsig. CAcert's CPS warns that digital signing is only permitted within some wider regime or protocol ||
||'''Dispute Resolution Officer ''' ||'''DRO'''|| The person appointed by board to manage the system of Arbitration under DRP ||
|| '''[[http://www.cacert.org/policy/DisputeResolutionPolicy.php|Dispute Resolution Policy]]''' || '''DRP''' || The policy that creates the forum of Arbitration and the rules of Dispute Resolution ||
|| '''DRAFT status''' || '''DRAFT''' || The status where the policy group has voted a policy into binding over the Community. However the document remains changeable within the policy group, as the group prepares it for its final POLICY status. ||
||''' ? ''' || || ||
==== E ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
|| Experience Points || || points allocated to reflect the experience gained by an Assurer as more Assurances are done. Generally, 2 points for each Assurance done. They start at 0 and end at 50. ''(In the old system, Assurance Points were added to Experience Points.)'' ||
||''' End-Entity ''' || EE || A certificate belonging to a non-CA entity, e.g. you, me or the computer on your desk. ||
||''' ? ''' || || ||
==== F ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
||''' ? ''' || || ||
==== G ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
||''' ? ''' || || ||
==== H ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
||''' ? ''' || || ||
==== I ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
|| Individual || || CAcert's preferred term for a natural person under law, meaning a human being. It is preferred to the legal term because it is clearer. ||
||'''Internationalized Domain Name''' ||'''IDN''' ||Is an Internet domain name that may contain characters written in a non-Latin script, such as Arabic, Chinese, Cyrillic, Devanagari, Georgian, Greek, Hebrew, and many others. These names contain one or more non-ASCII characters that may be Latin letters with diacritics, or elements of entirely non-alphabetic scripts. <
> more about [[http://en.wikipedia.org/wiki/Internationalized_domain_name|en.wikipedia.org]] <
> more on Mozilla [[http://www.mozilla.org/projects/security/tld-idn-policy-list.html|IDN-enabled TLDs]] ||
||''' ? ''' || || ||
==== J ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
|| Just A Document || JAD || occasional term to indicate a document that is '''not intended for policy track'' but is otherwise useful ||
||''' ? ''' || || ||
==== K ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
||''' ? ''' || || ||
==== L ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
||'''Lightweight Directory Access Protocol''' || '''LDAP''' || Is an application protocol for querying and modifying directory services running over [[#T| TCP/IP]]. <
> more about [[http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol| en.wikipedia.org]] ||
==== M ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
|| '''Member of the Community''' || '''Member''' || Someone who has agreed to the CCA by signing up on the website or participating in an Assurance. ''Not to be confused with __(Association Member)__ which is a member of the Association.'' ||
|| '''miniTOP''' || miniTOP || a physical meeting of a team, see TOP. Don't forget to write up minutes, we love to hear what is going on! ||
|| '''miniminiTOP''' || mmT || a small meeting of some team members, often accidental or informal, no minutes only beer ||
|| '''miniminiminiTOP''' || mmmT || a miniminiTOP in a mini ||
||'''Multipurpose Internet Mail Extensions''' ||'''MIME''' ||Is an Internet standard that extends the format of e-mail to support: -Text in character sets other than ASCII, - Non-text attachments, - Message bodies with multiple parts, - Header information in non-ASCII character sets. Signature with application/x-pkcs7-signature is defined in '''[[#S|S/MIME]]'''. <
> more about [[http://en.wikipedia.org/wiki/MIME|en.wikipedia.org]] ||
||''' ? ''' || || ||
==== N ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
||'''Non-Repudiation''' ||'''NR'''|| the concept of ensuring that a party in a dispute cannot repudiate, or refute the validity of a statement or contract. Generally, this is a concept that is conceptual, not realisable. It is not used or offered by CAcert. ||
||'''Non-related Person''' ||'''NRP'''|| A non-related person is someone who comes into contact with our certificates, but neither we nor they know about it. Typically, through seeing an SSL website or a signed email. They are not a "party" to our contracts because they have not ever seen them, a legal conundrum. ||
||NRP's old Disclaimer and License ||NRP's old --(D a L)--|| This old now-withdrawn licence attempted to solve the issue but was withdrawn. It's role is replaced by [[http://www.cacert.org/policy/RootDistributionLicense.php|RDL]]. See also [[USE]] ||
||''' ? ''' || || ||
==== O ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
||'''OFFER''' ||'''[[OFFER]]''' || The CAcert term-of-art to describe making a certificate available for others to use. See also [[RELY]] and [[USE]]. Always in caps. ||
||'''Online Certificate Status Protocol''' ||'''OCSP''' ||Is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate. It was created as an alternative to certificate revocation lists - CRL, specifically addressing certain problems associated with using CRLs in a public key infrastructure -PKI. <
> more about '''[[Brain/PoliciesAndSignificantTechnicalStandards#Significant_Technical_Standards|Technical Standards - RFC 2560]]''' <
> more about [[http://en.wikipedia.org/wiki/Certificate_signing_request|en.wikipedia.org]] ||
||'''Open source Ticket Request System''' ||'''OTRS'''|| a trouble-ticket system that we use to manage our Support requests, see http://otrs.org/ ||
|| '''Organisation Administrator''' || '''OrgAdmin''' old 'O-Admin" || the person within an Organisation who is responsible for managing the certificates within. Must be an Assurer. See [[http://www.cacert.org/policy/OrganisationAssurancePolicy.php#2.3|OAP 2.3]] ||
|| '''Organisation''' || '''Org''' || CAcert's name for "legal persons" being groups and entities that have some way to externally evidence their existance ||
||'''Organisation Assurance''' ||'''OrgA''' || The practices and processes to meet the Assurance need over Organisations ||
|| '''[[Brain/EducationTraining/OrganisationAssurance/Manual|Organisation Assurance Manual]]''' || OAM ? || The document that details the working and day-to-day procedures for Organisation Assurance. ||
||'''Organisation Assurance Policy''' ||'''OAP'''|| The policy that controls all Assurance over Organisations ||
||'''Organisation Assurer''' ||'''OA'''|| An Assurer who has passed additional training and testing for Organisations, under [[http://www.cacert.org/policy/OrganisationAssurancePolicy.php#2.2|OAP 2.2]] ||
||'''Organisation Assurers Training Event''' || || ''(does not exist? a thought experiment or desire?)'' ||
||'''Organisation Assurance Officer''' ||'''OAO'''|| the board-appointed OA that manages the Organisation Assurance policy and practices||
||''' ? ''' || || ||
==== P ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
||'''Parental consent Form''' ||'''PCF''' || ||
||'''Personally Identifiable Information''' ||'''PII'''|| this is the term favoured by privacy regulators to indicate information or data that can be used to uniquely identify and track a person. ||
|| '''Policy''' || pol || A document that probably is required by Audit, listed in the CDL ||
|| '''POLICY status''' || '''POLICY''' || the status of a document that is fully approved to be binding over the Community. See WIP and DRAFT ||
||'''Policy Group''' || || the group of people that can create and approve policies of the community, found on the cacert-policy maillist ||
||'''Policy Officer''' ||'''PO'''|| A Board-appointed person who manages documents on policy track and other things under PoP ||
||'''Policy on Junior / Assurer Members''' ||'''PoJAM''' || The subsidiary policy under AP that states how Juniors can become Members and/or Assurers ||
||'''[[https://www.cacert.org/policy/OrganisationAssurancePolicy.php|Policy on Policy]]''' ||'''PoP'''|| The Policy that gives to the Policy Group the power to create further Policies. This policy was bootstrapped into existance by being approved by the Board at 2007 TOP. ||
|| '''policy track''' || || the journey a document takes from WIP to DRAFT to POLICY ||
|| '''Privacy Policy''' ||'''PR'''|| ||
|| '''prospective Organisation Assurer''' ||'''pOA'''|| An Assurer who has being trained for Argainsation Assurance, under [[http://www.cacert.org/policy/OrganisationAssurancePolicy.php#2.2|OAP 2.2]] ||
||'''Public-Key Cryptography Standards'''||'''PKCS'''||In cryptography, PKCS refers to a group of Public-Key Cryptography Standards devised and published by RSA Security.<
> more about [[http://en.wikipedia.org/wiki/PKCS| en.wikipedia.org]]||
||'''Public Key Infrastructure''' ||'''PKI''' || 1. Is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital keys using asymmetric (public, private) keys. <
> 2. Is the above set with particular reference to the x.509 standard (assumes certificates and CAs). <
> 3. Contrasting to PGP WoT. <
> more about [[http://en.wikipedia.org/wiki/Public_key_infrastructure|en.wikipedia.org]] ||
||''' ? ''' || || ||
==== Q ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
||''' ? ''' || || ||
==== R ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||'''Expression in English''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
||'''Registration Authority''' ||'''RA''' || Collectors and verifiers of evidence for Reliable Statements to be later put into certificates by the CA. In CAcert, our Assurers are our RAs, and together they operate the WoT or Web of Trust. ||
||'''RELIANCE''' ||'''[[RELY]]''' || The CAcert term-of-art to describe making a decision based on the information in our certificate. Available to our Members, not others. See also [[OFFER]] and [[USE]]. Always in Caps. ||
||'''Relying Party Agreement''' ||'''RPA''' || The common industry term for the contract between a CA and users who are permitted to rely on the certificates. For CAcert, the CAcert Community Agreement permits reliance, and is more or less our RPA (however there are some assumptions in classical RPAs which are not matched by our structure) ||
||'''Respondent (in Arbitrations)''' ||'''(R)''' || Someone who is named by the Claimant as needing to respond to some claims made to an Arbitrator in a duly filed dispute under DRP. The claims are often administrative, but need not be. The most common claim is about the precise spelling of a Name. ||
||''' Risks, Liabilities and Obligations ''' || R/L/O || [[RisksLiabilitiesObligations|Risks, Liabilities and Obligations]] as requested by [[http://www.rossde.com/CA_review/CA_review_A.html#A6|DRC A.6 Declarations of Risks and Liability]] ||
||''' ? ''' || || ||
==== S ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
||'''Software-Assessor''' ||'''SA''' || according to SP, this is the software who reviews patches and transfers them to the critical team ||
||'''Software Assessment Project''' ||'''SAP''' || see [[Software/Assessment]] for detailed infos ||
||'''Secure/Multipurpose Internet Mail Extensions''' ||'''S/MIME''' ||Is a standard for public key encryption and signing of e-mail encapsulated in '''[[#M|MIME]]'''. S/MIME is on an IETF standards track and defined in a number of documents, most importantly RFCs. <
> more about [[http://en.wikipedia.org/wiki/S/MIME|en.wikipedia.org]] ||
||'''Secure Socket Layer''' ||'''SSL''' ||Technically, a cryptographic network protocol and predecessor of '''[[#T|Transport Layer Security]]''' ('''[[#T|TLS]]''') <
> In wider usage, it is the overall usage of secure connections of SSL v2 and TLS protocols, extending into use of certificates, CAs and policies. ||
||'''Security Manual''' ||'''SM'''|| ||
||'''Security Policy''' ||'''SP'''|| ||
||'''Server Name Indication''' ||'''SNI''' ||Is a feature that improves the '''[[#S|SSL]]''' and '''[[#T|TLS]]''' protocol. It permits the client to request the domain name, before the certificate is committed to by the server. This is essential for using TLS in virtual hosting mode. <
> more about [[http://en.wikipedia.org/wiki/Server_Name_Indication|en.wikipedia.org]] ||
||'''Single Sign On''' ||'''SSO'''|| a conceptual term covering systems of authentication that allow a person to connect to many different systems, using only one "login" protocol. Typically, popular SSOs are client certificates (our favourite), OpenID, LDAP, various Microsoft projects (InfoCard, .NET). However, none have taken off in big form for various reasons. ||
||'''Subversion''' ||'''SVN'''|| Version Control system used by CAcert - svn.cacert.org for storing documents and source code under version control ||
||'''Support Engineer''' ||'''SE'''|| A critical role who has the ability to search members' accounts, read PII and adjust features. Controlled under Security Policy. ||
||'''Support Officer''' ||'''SO'''|| the team leader for the Support Team ||
||''' ? ''' || || ||
==== T ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
||''' Transmission Control Protocol / Internet Protocol ''' || '''TCP/IP''' || Is... ||
|| '''TOP''' || '''TOP''' || physical meeting of the Board and senior people in CAcert, from [[TopMinutes-20070917|Pirmasens TOP in 2007]] ||
||'''Top-Level Domain''' ||'''TLD''' ||Is one of the domains at the highest level in the hierarchical Domain Name System of the Internet. <
> more about [[http://en.wikipedia.org/wiki/TLD|en.wikipedia.org]] ||
||'''Transport Layer Security''' ||'''TLS''' ||Is a cryptographic network protocol and successor of '''[[#S|Secure Sockets Layer]]''' ('''[[#S|SSL]]'''), that provides security for communications over networks such as the Internet and encrypts the segments of network connections at the Transport Layer end-to-end.. <
> more about '''[[Brain/PoliciesAndSignificantTechnicalStandards#Significant_Technical_Standards|Technical Standards - RFC 5246]]''' <
> more about [[http://en.wikipedia.org/wiki/Transport_Layer_Security|en.wikipedia.org]] ||
|| '''Trent''' || || the name of a persona in a protocol who is acting as a TTP ||
|| '''Triage''' First Responders Team || '''Triage'''|| the team of people who read incoming support requests and pass them quickly to a small number of ''channels'' being Arbitration, Support Engineers, and, a small number of buckets like Junk. ||
||'''Trusted Third Party''' ||'''TTP''' ||Is a PKI term for some person who covers a hole in governance somewhere. It is a hand-waving way to solve a technical problem by passing it across to some Oracle who can Know these things. Also known as a CVP or Centralised Vulnerability Party. Typically, a CA is considered to be a TTP. ||
||''' ? ''' || || ||
==== U ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
|| '''Universal Time, Coordinated''' || '''UTC''' || the ISO name for the time we use for meetings. Also GMT or Greenwich Mean Time or Zulu Time ||
||'''USAGE''' ||'''[[USE]]''' || The CAcert term-of-art to describe the act of your software in conducting its tasks, incorporating our certificates. See also [[RELY]] and [[OFFER]]. Always in caps. ||
||''' ? ''' || || ||
==== V ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
||''' ? ''' || || ||
==== W ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
||'''Web of Trust ''' ||'''WoT''' || Is a method for gathering and sharing statements, within a community, where each individual states something over some other individual. The entire statements are aggregated in some fashion. In terms of technical implementations, the most commonly known ones are CAcert's WoT (see CAP) and the PGP WoT ||
||'''Whois Data Reminder Policy''' ||'''WDRP''' ||Is... <
> [[https://lists.cacert.org/wws/arc/cacert-sysadm/2009-12/msg00011.html|cacert.org whois data reminder]] <
> more about [[http://www.icann.org/en/registrars/wdrp.htm|Web Site ICANN]] ||
||'''Work In Progress status''' || '''WIP'''|| A document that is on policy track, that is, it is intended to go to DRAFT then POLICY ||
||''' ? ''' || || ||
==== X ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
||''' ? ''' || || ||
==== Y ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
||''' ? ''' || || ||
==== Z ====
. [[#Glossary_.26_Abbreviations|Top ↑]]
||''' Expression in English ''' ||'''Abbreviation''' ||''' Description / Explanation / Purpose ''' ||
|| '''Zulu Time''' || '''Z''' or '''Zulu''' || another name for UTC or GMT, just added so the Z section isn't lonely ||
||''' ? ''' || || ||
<
>
----
== Inputs & Thoughts ==
. YYYYMMDD-YourName
. {{{
Text / Your Statements, thoughts and e-mail snippets, Please
}}}
----
. 20091213-PieterVanEmmerik
. {{{
Why is this 2 levels deep and hard to find?
At the moment there are 3 places with Glossary and Abbreviations!
This should be easy to find and easy to use.
Can someone create a link on the main page to "the" Glossary & Abbreviations page?
}}}
----
. 20100420-[[Iang]]
. Another good resource on infosec terms relevant to CAcert is [[http://www.rogerclarke.com|Roger Clarke's]] ''[[http://www.rogerclarke.com/ID/IdModel-1002.html|A Sufficiently Rich Model of (Id)entity, Authentication and Authorisation]]'', ([[http://is2.lse.ac.uk/idis/2009/|IDIS 2009]]) and the associated [[http://www.rogerclarke.com/ID/IdModelGloss.html|Glossary]].
----
<
> '''Category''' or '''Categories'''<
>
CategoryGlossary