X509-PKI
X.509 certificates - public key infrastructure.
Definition
X.509 v3 comprises version, serial, signature algorithm, issuer DN, validity, subject DN, subject public key, extensions (Subject Alternative Name, Key Usage, Extended Key Usage, AIA, CRL Distribution Points). Used everywhere in TLS, mTLS, S/MIME, code signing, AdES.
Origin
ITU-T X.509 v1 published 1988 ; v3 (RFC 5280) in May 2008.
Example in context
A PEPPOL Access Point certificate is X.509 v3 issued by OpenPEPPOL PKI Authority, valid 1 year, auto-renewal.
Related terms
- OCSP Stapling — revocation check.