Skip to content

hannob/awesomex509

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Uses of X.509 Certificates

X.509 Certificates are primarily known due to their use in TLS/SSL, but there are plenty of other places where they play a role.

Use case What Background / Link(s)
WebPKI/HTTPS & other TLS Internet Transport Encryption https://en.wikipedia.org/wiki/Transport_Layer_Security
S/MIME, PKCS #7, CMS E-Mail Encryption https://en.wikipedia.org/wiki/S/MIME
IPsec VPN https://datatracker.ietf.org/doc/html/rfc4945
RPKI BGP Routing https://en.wikipedia.org/wiki/Resource_Public_Key_Infrastructure
pkixssh SSH with X.509 auth https://gitlab.com/secsh/pkixssh
UEFI BIOS https://en.wikipedia.org/wiki/UEFI
Pasports / ICAO standards Passports / Travel Documents https://www.icao.int/sites/default/files/publications/DocSeries/9303_p1_cons_en.pdf
Vaccine Certificates / WHO standards Covid-19 vaccination status https://worldhealthorganization.github.io/ddcc/
UIC / VDV barcodes Train Tickets https://media.ccc.de/v/38c3-what-s-inside-my-train-ticket
ELSTER Login for German tax system https://www.elster.de/eportal/login/softpse
Peppol Electronic Invoice Delivery https://peppol.org/wp-content/uploads/2022/04/PEPPOL_Certificates_Change_V1.2.pdf
Time-Stamp Protocol (TSP) Trusted Timestamps https://www.rfc-editor.org/rfc/rfc3161
Authenticode (Microsoft) Windows Code Signing https://learn.microsoft.com/en-us/windows-hardware/drivers/install/authenticode
Codesign (Apple) macOS Code Signing https://support.apple.com/guide/security/app-code-signing-process-sec3ad8e6e53/web
Firefox Extension Signing Code Signatures for Add-ons https://wiki.mozilla.org/Add-ons/Extension_Signing
PAdES PDF Signatures https://en.wikipedia.org/wiki/PAdES
xmldsig XML Signatures https://www.w3.org/TR/xmldsig-core/

Know other use cases of X.509 certificates? Please open a pull request or an issue.

Background

I am interested in the security of cryptographic public keys and the developer of badkeys, a tool to check for known-insecure cryptographic keys.

X.509 certificates are a very common use case of public key cryptography, and they are used in a wide variety of ecosystems. I am unaware of any existing overview of the many different use cases of X.509. Therefore, I started this document to collect this information.

Created by Hanno Böck.

About

Collect information about X.509 certificates

Resources

Readme

License

CC0-1.0 license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors