IBM®

SecureWay®

Trust Authority

P?IG9/HCW&,$I

P

IBM®

SecureWay®

Trust Authority

P?IG9/HCW&,$I

P

4mU!

\q"*hS\q,5]

\!

h1O Trust Authority KD$F . . . . 1

h2O 5W . . . . . . . . . . . . . . 3

h3O RA "I_K9Hl

Ql8 . . . . . . . . . . . . . . . 51 wz . . . . . . . . . . . . . . . . 65

iv Trust AuthorityP?IG9/HCW&,$I

h1O Trust Authority KD$F

IBM®

SecureWay®

Trust AuthorityO"f

v Ef(s8sN}g5]wrT$^9#

v ^ru^7F$k IBM DB2® fKP

h2O 5W

H%G;-e"&"Wj1

4 Trust AuthorityP?IG9/HCW&,$I

h3O RA "I_K9Hl

http://www.ibm.com/software/security/trust/library

RA Desktop N$s9HG9#

2. RA DesktopGHQG-kh&K7? Web Vi&6

m: RA "I_K9Hl

H,Z@~z

~O7?H,Z@~z (g8z.8zNhL"j) r"h7F:lJ$h

&K7F/@5$#H,Z@~zO"eGP?WaNu7rN'9k]

K,WKJj^9#

Ia$s>

I}9kP?Ia$sN>0r~O7^9#

U#

7. ,WG"lP"@&sm

9kh&Wa5l^9#3NUC*J;-ejF#

v ,WK~8F"VHq?$WWN*rbFrQ(:K"UC*JC-rXj7Fl30rXj9k3H,G-^9#

-z|B,ZlkZ@qN!w

VHqW?VG"CjN|VbK-z|B,Zlk"97D=JZ@qNl3

Z0#!Nh&JA0G=(5l^9#

i9HM

v ZNt,r=(7^9#2. h}9kl3

`\N0-N=(

VHqkLW?VG"!Nh&J`nrT$^9#

1. HqNkLF0#

0-M 0-NM#3NMO"Wa^?OZ@qNi$U&5$/kNSfGQ

99k3H,G-^9#

5. ,WK~8F"F

3asH

"/7gs,Tol?~K RA "I_K9Hl

+i`KhkF

6. ,WK~8F"V"/7gsKD$FN3asHrU1^9WG""/7gs

KD$Fb@9k3asHr~O7F/@5$#

7. Vw."/7gsWr/jC/7F"*r7?l3

0-MNQ9

V\YW?VGO"P?War5'9k]"^?O9GK0;7?WaKP7F"

/7gsrBT9k]K"ltN0-NMrQ99k3H,G-^9#

1. V=(WG"VS8M9&Wm;9QtWr*r7^9#

2. 977?$0-K9/m

1. V"/7gsrBTWG""/7gsr*r7^9#

2. V"/7gsKD$FN3asHrU1^9WG"F-9HHK3asHr~O

7^9#3asHO"Gg 512 8zG9#

3. Vw."/7gsWr/jC/7F"l3

IAiN?VrHQ9klgGb"!Nh&K7^9#

1. V"/7gsrBTWG"!NIAi+r/jC/7^9#

v VWar97D=K9kWv VWar97TD=K9kW

2. Vw."/7gsWr/jC/7^9#

Z@qN]1

Z@qNl~*J]1O"VHqkLW?V^?O"V\YW?VNIAi+GT

&3H,G-^9#VHqkLW?VrHQ9klgO" #tNZ@qr]1K9k

3H,G-^9#

IAiN?VrHQ9klgGb"!Nh&K7^9#

1. V"/7gsrBTWG"VhjC7Wr/jC/7^9#

2. V}3WG"V]1K9kWr*r7^9#

m: 33G]1K7?Z@qO CRL (Z@qhjC7j9H) K~lil"-z|BbG"lP"eGj9H+i|"5;k3H,G-^9#

3. Vw."/7gsWr/jC/7^9#

3N"/7gsrT&H"l3

CRL +iNZ@qN|n

CRL +iNZ@qN|n,T(ku7H7FO"!N$:l+Nlg,"j^9#

v CRL +i5zKJC?Z@qr|n9k#v }3KV]1K9kWrXj7FhjC7?Z@qr|"5;k#

m: ]1K5lF$kVKZ@qN-z|B,Zl?lg"=NZ@qr|"5;k3HOG-^;s#

CRL +iNZ@qN|nO"VHqkLW?V^?OV\YW?VNIAi+GT&

3H,G-^9#VHqkLW?VrHQ9klgO" #tNZ@qr CRL +i|

n9k3H,G-^9#

IAiN?VrHQ9klgGb"!Nh&K7^9#

1. V"/7gsrBTWG"VhjC7Wr/jC/7^9#

2. V}3WG"VCRL +i|n7^9Wr*r7^9#

3. Vw."/7gsWr/jC/7^9#

3N"/7gsrT&H"l3NVi&6

22 Trust AuthorityP?IG9/HCW&,$I

h4O ps

3N;/7gsNHTC/GO" RA DesktopN_jK*1kP?"'Z"*hSI

}N50rjA^?Ob@7F$^9#

P? (Enrollment)

P? (Enrollment)HO"Z@qr=7~`3HG9# Trust Authority GO"#tN

}!GP?rT&3H,G-k?a"H%N}KK>CF"HQ9k}!r*r9

k3H,G-^9#f

93H,G-^9#v0P?5l?MO"+,NZ@qrWaG-kh&KJC

?H-K"O5l?3liNpsrxQ9k3H,G-^9#

3liN?9/rT&?aNjz-H7F" Trust AuthorityfNBNKG#8?kZ@qrU?9kWm;9G

9# Trust AuthorityGO"^:"P?Kh)CFWm0i`+ RA "I_K9Hl

P?G

l3

1L>

1L> (DN) O"G#8?kZ@qNG#l/Hj7?G#8?k.QZ@qN3HG"=NZ@qN]}TN

H5r]Z7^9#Z@qN]}TO">Nf

B4J Trust AuthorityP?5

v Z@qr97TDK9kH"=NZ@qN]}TO"E$Z@qN-z|B,Zlk^GTA"z-3-Z@q,,WG"klgKFSP?rT&,W,"j^

9#FSP?rT&]O"GiKP?rTC?]K~O7?9YFNpsrs!

9k,W,"j^9#

!Nf

RA Desktop 5]

h5O jU!ls9

3N;/7gsGO"RA DesktopG=(5lk"U#

,"j^9#=lJ0NWaO"h}9k?aK,WJps,T=,

JWaG9#3lOGU)kHMG9#

5'Q_

RA ^?O RA "I_K9Hl

– V97D=-WNj9HrHQ7F"BT9kHqG97D=JZ@qr!w

9k+97TDNZ@qr!w9k+rXj7^9#j9HKO"!Nh&J

M,"j^9#

97D=

-z|BbG"lP97D=JZ@q#

97TD

97TDNZ@q#

– V-z|BNOOWrHQ9kH"CjN|VK-z|B,Zlk`\@1r

!w7^9#3NU#

– 25

jAQ_Hq

jAQ_HqO"GU)kHHq@1G9#3NHqGO"]1fNWar9YF

!w7^9#

V!wBYW*W7gs

VHqW?VGO"V!wBYWK!N*W7gsr_j9k3H,G-^9#

v 50v 100v 150v 250 (GU)kH)v 5)B (HqHlW9k9YFNl3

v ,WK~8F"WaN5'N]KLNWaWmU!$krXj9kU#

Z@qrhjC9}3

Z@qNhjC7rT&H-KO"=N}3r*r9k,W,"j^9#Z@qr

hjC9]K*rG-k-zJ}3KO"!Nh&JbN,"j^9#

l3

– 0-r=(7F$klgO"0-H=N0-M,F

'Zps97ND]

Z@q,97D=+I&+r(9M#

'Zps UUIDFQG- ID#3lO"G

Wau7

P?WaNu7#3Nu7O""/7gszrG=(5l^9# 41Z

1 /*hS 2 /]'TDaC;!=rs!7"aC;N_3NZ@qN]}T,"U!$kKG#8?kp>9k3HrD=K7^

9#3NZ@qKO"=lJ0N\*O_j5lF$^;s#

1 /*hS 2 / Web /i$"sH'ZWeb Vi&6

P?WaNu7

9YFNu7O"/7gszrK$YsHH7F-?5l^9#

!Nu7OWau7K^^l^9#

5'Q_

P?WaO9GK5'5lF$^9#

0; P?WaO"RA ^?O RA "I_K9Hl

U#

+

+

C-v`

\qK*$F"|\GO/=5lF$J$ IBM =J (!#*hSWm0i`)"Wm

0i_s0^?O5N IBM =JK@Z7F$kt,,"CFb"3N3HO

v:Wm0i`^?O=JN_,HQD=G"k3HrU#9kbNGO"j^;

s# 3liNWm0i`^?O=JKe(F" IBM NN*j-"r/29k3HN

J$!=*K1yJ>RNWm0i`"=J^?O5NWm0

i` (\Wm0i`r^`) HNVGNpsr9"*hS (ii) r95l?psNj_

xQrD=K9k3Hr\*H7F"\Wm0i`KX9kpsr,WH9k}

O"

\qK*$F(5lkQU)

Java*hS9YFN JavaX"N&8*hSm4O Sun Microsystems, Inc.NFq*

hS=N>NqK*1k&8^?OP?&8G9#

Microsoft"Windows"Windows NT"*hS Windowsm4O Microsoft CorporationN

Fq*hS=N>NqK*1k&8G9#

UNIX O"X/Open Company Limited,i$;s97F$kFq*hS=N>NqK

*1kP?&8G9#

PentiumO"Intel CorporationNFq*hS=N>NqK*1k&8G9#

3NWm0i`KO"RSA Data Security, Inc.N;-ejF#

48 Trust AuthorityP?IG9/HCW&,$I

X"ps

Trust Authority=J8qO"IBM SecureWay Trust Authority DocumentationCD-ROM

+i" Portable Document Format (PDF)*hS HTML U)

Trust Authority Web5$HN Library Z

Ql8

3NQl8GO"\qGHolF$k77$Ql

dJ8_NJ$Ql"=#rz/HM(ilkQ

lKD$F"Ql*hSJ,ArjA7F$^

9#QlHjANP5OJ

0Z" (key pair). sPNEfGHQ5lk"P~9k0NP#l}N0OEf=K">}OEf=r|KHQ

5lk#

>[d_MCHo

j9k#=Nl}Ox+0">}Ok)0HFPlk#

FMNx+0OQVjC/JbNH5lkl}"k)0

O=NM@1Nk)K7F*/# w.&Hu.&O!)

psr&Q9k,WOJ$#9YFN3_eK1r!Z9

k3H,G-k# x+0rHCFEf=5l?G

GeL CA (top CA). PKI CA ,XNGeLK"kCA#

5$HZ@q (site certificate). CA Z@qHwF$k,"CjN Web 5$HG7+-zGJ$Z@q#VCA

Z@q (CA certificate)Wb2H#

1L> (distinguished name (DN)). G#l/Hj

aC;

G#l/Hj< (Directory). 3_eK1

His6/7gs ID (transaction ID). P?0h}NP?WaXN~zH7F"RA ,Xj9kID#f

8`FQu~Xj@l (Standard Generalized MarkupLanguage (SGML)). ^

is6/7gsG3NMrHQ7F"=NHis6/7

gsKX"7?Wa^?OZ@qNu7r!w9k3H

,G-k#

?. (authorization). j=

F

FTP. U!$k>wWmH3k (File Transfer Protocol)#

H

HTML. O$Q

MrA.9kh&K=lr"k9k# ^?"PEMWmH

3kNfG MD2 H&KHQ5lk#

MIME (Multipurpose Internet Mail Extensions). 8z;CHN[Jk@lNF-9Hrr99k3HrD=K

9k"+3KxQG-kEMN;CH#^?"$s?<

MCHNaNIST. Fq".ps&;QI (National Institute ofStandards and Technology)#50KO NBS (National Bureau

of Standards)H$ 3sTe

RA 5

CFo

64 Trust AuthorityP?IG9/HCW&,$I

wz

|\l, tz, Qz, Cl8zNg

K[s5lF$^9#J*, y;

H>y;O6;H1yK7olF

$^9#

N"TO"/7gs"RA "I_K9Hl

G

RA "I_K9Hl

68 Trust AuthorityP?IG9/HCW&,$I

IBM

Printed in Japan

SH88-8502-00