CA (Certification Authority) provides certification for safe electronictrades through Internet, and it can sign and issue digital certificates andauthenticate users' identifications. This thesis studies the implementationmethods of a CA system. First, it introduces PKI (Public Key Infrastructure)and the basic cryptographic theories, and analyzes the necessity andsignificance of CA. Then modular ideas in software designs are proposed, andthe process of certificate request, revocation and validation are studied. Basedon the various topologies of a CA system, a combined hierarchical-networkarchitecture is proposed, which simplifies the search of certification path and atthe same time improves the certification efficiency.
|