<
 
 
 
 
×
>
Vous consultez une page Web conservée, recueillie par Bibliothèque et Archives Canada le 2007-11-25 à 02:19:56. Il se peut que les informations sur cette page Web soient obsolètes, et que les liens hypertextes externes, les formulaires web, les boîtes de recherche et les éléments technologiques dynamiques ne fonctionnent pas. Voir toutes les versions de cette page conservée.
Chargement des informations sur les médias

You are viewing a preserved web page, collected by Library and Archives Canada on 2007-11-25 at 02:19:56. The information on this web page may be out of date and external links, forms, search boxes and dynamic technology elements may not function. See all versions of this preserved page.
Loading media information
X
Canada Revenue Agency
Symbol of the Government of Canada

About Public Key Infrastructure

A PKI is an automated system that manages the generation, maintenance, and delivery of encryption and digital signature keys. Together, encryption and digital signature keys provide:

  • Confidentiality - Data is obscured and protected from view or access by unauthorized individuals.

  • Integrity - The verifier of a digital signature can easily determine whether or not digitally signed data has been altered since it was signed.

  • Authentication - Users can securely identify themselves to other users and servers on a network without sending secret information (such as passwords) over the network.

  • Non-repudiation - Users who digitally sign data cannot later successfully deny having signed that data.

  • Access control - Data can only be accessed in a comprehensible form by those specifically identified when data was encrypted.

Both key types – encryption and digital signature – have two related components: a public key component that is accessible to all users, and a private key component that must be secured from access by others.

The public key and other identification information is stored in a digital certificate that is digitally signed by a Certification Authority (CA). The CA's digital signature on the digital certificate binds the identity of the end-entity with its public key. It also guarantees that the public key has not been tampered with.

To create a level of assurance or trust in the CA, certain policies and procedures must be followed. One of the main issues is the registration process, which involves how a client is identified and authenticated before a digital certificate is issued.

Certification Policy (CP)

Prior to using CRA PKI-enabled applications, participants should be aware of their rights, obligations and responsibilities contained in the CRA Certificate Policy (PDF, 611KB), especially sections 1.3.3, 1.4, 9.6.3, and 9.6.4.