OpenCA
Encyclopedia
OpenCA, officially the OpenCA PKI Research Labs and formerly the OpenCA Project, is a PKI
collaborative effort to develop a robust, full-featured and Open Source
out-of-the-box Certification Authority
implementing the most used protocols with full-strength cryptography.
OpenCA is based on many Open-Source Projects. Among these there are OpenLDAP
, OpenSSL
and Apache Project
.
The project development is divided into two main tasks: studying and refining the security scheme that guarantees the best model
to be used in a Certification Authority and developing software to easily setup and manage a Certification Authority.
The software development side of the project is further divided into the following sub-projects:
Public key infrastructure
Public Key Infrastructure is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates. In cryptography, a PKI is an arrangement that binds public keys with respective user identities by means of a certificate...
collaborative effort to develop a robust, full-featured and Open Source
Open source
The term open source describes practices in production and development that promote access to the end product's source materials. Some consider open source a philosophy, others consider it a pragmatic methodology...
out-of-the-box Certification Authority
Certificate authority
In cryptography, a certificate authority, or certification authority, is an entity that issues digital certificates. The digital certificate certifies the ownership of a public key by the named subject of the certificate...
implementing the most used protocols with full-strength cryptography.
OpenCA is based on many Open-Source Projects. Among these there are OpenLDAP
OpenLDAP
OpenLDAP Software is a free, open source implementation of the Lightweight Directory Access Protocol developed by the OpenLDAP Project. It is released under its own BSD-style license called the OpenLDAP Public License. LDAP is a platform-independent protocol. Several common Linux distributions...
, OpenSSL
OpenSSL
OpenSSL is an open source implementation of the SSL and TLS protocols. The core library implements the basic cryptographic functions and provides various utility functions...
and Apache Project
Apache Software Foundation
The Apache Software Foundation is a non-profit corporation to support Apache software projects, including the Apache HTTP Server. The ASF was formed from the Apache Group and incorporated in Delaware, U.S., in June 1999.The Apache Software Foundation is a decentralized community of developers...
.
The project development is divided into two main tasks: studying and refining the security scheme that guarantees the best model
to be used in a Certification Authority and developing software to easily setup and manage a Certification Authority.
The software development side of the project is further divided into the following sub-projects:
- OpenCA PKI, a full featured PKI package.
- LibPKI, a library for PKI application development.
- OpenCA OCSPD, a small, robust Online Certificate Status Protocol daemon.
- PRQPD Server, a PKI Resource Query Protocol daemon for use in conjunction with the PKI package.
- OpenCA-ng, a planned project to implement new features and overcome limitations of the current project. (ng stands for "Next Generation")