Course Content - PKI Online Training

1. Introduction

2. Standards

An X.509 certificates

b. Certificate chains

c. Name constraints

d. Trust path building

e. Validation process

3. Internet PKI

a. Certification Authorities

b. Relying parties

c. Certificate types (DV, EV, and OV)

d. Certificate lifecycle (validation, issuance, and revocation)

e. CA/B Forum and its standards

f. Weaknesses

g. History of attacks

4. Revocation

a. CRL

b. OCSP

c. OCSP stapling

d. CRLsets and OneCRL

e. Short-lived certificates

5. Defenses

a. Certification Authority Authorization (CAA)

b. Public Key Pinning

i. Static pinning

ii. HPKP

iii. DNSSEC/DANE

6. Certificate Transparency

7. PKI ecosystem monitoring

a. SSL Pulse

b. Censys

c.crt.sh

8. Project: Building and deploying a realistic private CA

Share this with your friends:

Faculty Registration

Student Registration

Top