1 / 11

Entegrity PKIBench John Hughes john.hughes@entegrity

Entegrity PKIBench John Hughes john.hughes@entegrity.com. What is it and used for?. A Windows based PKI Work Bench Used for: interoperability testing fault analysis education Used: Internally Clients (e.g CESG/CloudCover) Interoperability testing forums, e.g NSS

chiku
Download Presentation

Entegrity PKIBench John Hughes john.hughes@entegrity

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Entegrity PKIBench John Hughes john.hughes@entegrity.com Entegrity PKIBench1

  2. What is it and used for? • A Windows based PKI Work Bench • Used for: • interoperability testing • fault analysis • education • Used: • Internally • Clients (e.g CESG/CloudCover) • Interoperability testing forums, e.g NSS • Initial CA interoperability testing. E.g. Baltimore, Cybertrust, Identrus Entegrity PKIBench2

  3. Design Overview MFC GUI Entegrity SDP OCSP module LDAP module PKCS#11 Driver(s) Entegrity PKIBench3

  4. Functionality Overview • PKI Object Viewer (certs, CRLs, PKCS#12, PKCS#7) • “pretty view” • ASN.1 • Hex • “tunneling” - e.g extract cert from PKCS#7 chain • PKCS#11 device analyzer • LDAP Directory content viewer and extractor • Cert chain verification (no RM, CRLs, OCSP) • PKCS#7 verification (no RM, CRLs, OCSP) • Certification (request, response and x-cert) Entegrity PKIBench4

  5. Entegrity PKIBench5

  6. Entegrity PKIBench6

  7. Extracted Entegrity PKIBench7

  8. Local cert cache Example - Cert Chain Validation Entegrity PKIBench Verify Cert - no RM - with CRLs - with OCSP Token PKCS#12 Binary Cert PEM Cert LDAP PKCS#7 Binary CRL Entegrity PKIBench8

  9. Entegrity PKIBench9

  10. View Cert Verify Cert Entegrity PKIBench10

  11. Proposal • Provide evaluation copy of PKIBench to PKIForum members involved in testing • Useful in identifying problems • Reference “client” test harness (based on our VeriSign, Baltimore, Cybertrust, iD2 and Entrust testing) • Welcome input on new features .... Entegrity PKIBench11

More Related