Glossary



A

Access Control
Kernel level controls that govern access to system and  information resources. See Data Access  Control and Document Access Control.

Access Rules
The subscriber's organization defines the process controls that provide the rules governing who can access which documents and perform which processes. These rules are enforced at the Trusted Custodial Utility™. These rules are also used by the eOriginal™ application to determine which features are activated for a given user.

Accreditation
Formal declaration by a recognized authority that a system is approved  to operate in a particular protected mode using a prescribed set of  safeguards.

Affirmative Act
Creating a digital signature requires the signer to provide his or her eOriginal™ Token (private key) and to manually invoke a local software function. This affirmative act, which can be the basis of a commitment, sets up a transaction's completion.

API
See Application Programming Interface.

Application Programming Interface
A set of calling conventions which define how a service is invoked  through a software package. The calls, subroutines, interrupts, and  returns that comprise a documented interface so that a higher-level  program such as an application can make use of the services of another  application, operating system, network operating system, driver, or  other lower-level software program.

Archive
The offline storage of electronic documents that can be retrieved for  later use.

Assurance
Measure of confidence that the security features and architecture of a  system accurately mediate and enforce the security policy.

Audit
Independent review and examination of records and activities to assess  the adequacy of system controls, to ensure compliance with established  policies and operational procedures, and to recommend necessary  changes in controls, policies, or procedures.

Audit Trail
Chronological record of system activities to enable the reconstruction  and examination of the sequence of events and/or changes in an event.

Authenticate
The Trusted Custodial Utility™ performs "third party"  independent verification that a document being received and stored is  the same document that was executed and transmitted by the originator.  In addition, it date-time stamps and affixes its own digital seal to  the electronic document. These actions evidence the placement of the  document under the control of the Trusted Custodial Utility™, which  thereafter acts on behalf of the document's owner as instructed by  the owner.

Authentication
The verification of the identity of a person or process.

Authentication Server (AS)
The Authentication Server contributes to a document's trail of evidence and custody. Specifically, the AS creates a record of the instant when the Custodial Utility assumes control of a document on behalf of its owner. An AS ties together signer and document authentication to corroborate the information's origin and the time of origin. The Authentication Server performs the authentication operation with great speed and accuracy.

Authentication servers perform the authentication function by  providing the following services. Refer to the definitions of the  following items for more information:
  * Signer authentication
  * Document integrity check
  * Affix reliable date-time stamp
  * Apply TCU digital signature

Authenticity
Verification of the validity of both the source and content integrity  of a document.

Authorization
Access rights granted to a user, program, or process.

B

BES
Batch Entry System supports high volume document entry (30,000).

"Blue Ink" Signature
A person's signature written by hand with an ink stylus.

Bulk Transfer
The one-time process of transferring a set of information objects (e.g., documents).

C

CA
See Certification Authority.

CDR
See Certified Digital Receipt.

Certified Digital Receipt
The eOriginal™ provides the originator with a date and time annotated digitally sealed receipt on receiving an authenticated electronic document. This electronic receipt is evidence that the TCU received and accepted responsibility for the submitted electronic document.

Certificate
Each new subscriber (user) using eOriginal™ services is issued a certificate. The certificate is a means of associating the subscriber's identity and rights on the system with a public and private key pair. The certificate conforms to the ITU X.509 version 3 international standard data structure. Certificates are held in an accessible repository that is referred to as a "directory" (e.g., ITU X.500 Directory). Certificates include the following critical information needed in the sealing and verification processes:
  * An expiration date for the identification of the individual  who owns the certificate
  * Identification of the authority that issued the certificate
  * Public signature verification key

An independent Certificate Authority (CA) is responsible for issuing all subscriber certificates. The CA ensures that subscribers are uniquely identified.

Certificate Revocation List (CRL)
Certification Authority-maintained list of compromised, revoked, or superseded certificates. The CRL is used during the digital signature verification process to check the validity of the certificate from which the public verification key is extracted.

Certification
Comprehensive evaluation of a system's technical and non-technical  security features and other safeguards made in support of the  accreditation process to establish the extent to which a particular  design and implementation meets a set of specified security  requirements.

Certification Authority (CA)
A CA is the issuing authority for subscriber certificates. CAs maintain strict system control by allowing access only through the certificate issuance process. eOriginal™ services use a CA hierarchy that enables various security organizations to exist independently under one ultimate CA administrative authority. The CA hierarchy consists of two tiers. The top tier is referred to as Tier One or the "Root CA." This CA, which operates in an offline environment, is housed in a secure closed-room environment and uses two-person integrity controls. Tier One CAs are responsible for the security administration of the entire eOriginal™ industry solution and for creating Organization CAs. The Tier Two or "Organization CA" is created when the Root CA issues an Organization CA Certificate (subscriber registration). This certificate enables the Organization CA to perform all the security functions needed on the local level, including issuing, renewing, updating and revoking subscriber certificates.

Certified Print™
TCU-certified printed paper copy of the original electronic document.  The document is printed with the TCU document custodian's  certification of the originator, version, parties and history of the  document.

Check Digit
The final digit of the 18-digit registration number.

Cipher Text
Encrypted information transformed from a plain text document or  message.

Client
A computer system or process that requests a service of another  computer system or process. A workstation requesting the contents of a  file from a file server is a client of the file server.

Client/Server Architecture
A network architecture in which each computer is either a client or a  server. Servers are powerful computers dedicated to managing shared  devices and information resources. Clients are local workstations on  which users run applications. Clients rely on servers for shared  resources (e.g., printers, files, databases, messaging).

Closed PKI System
An authentication framework where the identification and qualification  of all subscribers is in accordance with the agreed upon applicable  business rules, security policies and procedures.

Computer Cryptography
A general-purpose computer's use of a crypto algorithm program  stored in software or firmware to authenticate or encrypt and decrypt  data for storage or transmission.

Computer Security
Measures and controls that ensure the security and availability of the  information processed, stored, and transmitted by a computer.

Confidentiality
Assurance that information is not disclosed to unauthorized entities  or processes.

Configuration Control
The process of controlling modifications to a system's hardware,  firmware and software and documentation to ensure the system is  protected against improper modifications before, during and after  system implementation and fielding.

Configuration Management
The management of security features and assurances through control of changes made to a system's hardware, software, firmware, documentation, tests, test fixtures and test documentation throughout the system's development and operational life.

Content Integrity
The document has not been altered or impaired in any manner; i.e., a  single digital bit cannot be changed without detection.

Counter Measures
Actions, devices, procedures, techniques and other measures that  reduce the vulnerability of a system.

CRL
See Certificate Revocation List.

Cryptographic Component
The hardware or firmware embodiment of the cryptographic logic. Note:  The cryptographic component might be a Token, modular assembly, a  printed wiring assembly, a microcircuit or a combination of these  items.

D

Data Access Control
The process of how an institution establishes and enforces access  rights to transaction data fields such as schedule information, status  transaction number and participant names.

Data Encryption
The changing of information into an unreadable form to prevent anyone  who does not have a decryption "key" from reading the  information. Data encryption is used to protect sensitive information  that travels over public channels such as the Internet.

Data Encryption Standard (DES)
U.S. Data Encryption Standard (DES), U.S. FIPS Pub 46-2 and ANSI  X3.92. DES is a symmetric encryption algorithm.

Data Integrity
The condition that exists when data is unchanged from its time of  creation and has not been accidentally or maliciously modified,  altered or destroyed.

Data Security
The process of protecting information from unauthorized use. An  example is the use of credit card numbers on the Internet to purchase  merchandise and services. Without data security measures in place,  unauthorized persons can access the information.

Deal Template
Selected set of documents required to complete a specific type of deal (e.g., for mortgages: 15 year conforming mortgage, 30 year nonconforming mortgage, ARM).

Digital Seal
Attaching a digital signature to an electronic document or message.

Digital Signature
A nonforgeable piece of data asserting that a named person wrote or otherwise agreed to the document to which the signature is attached. In the eOriginal™ system, the document is hashed and the hash is encrypted using the subscriber's secret signature (private) key. The result of this computation is appended to the document, along with the signer's certificate.

Digitized Signature
A human generated signature made by hand with a stylus and captured  with an electronic pad.

Directory
An LDAP-compliant directory service that contains the names of each infrastructure component and each person enrolled with the eOriginal™ system. The Directory also contains CRL lists.

Disaster Recovery
The documented process for protecting and restoring critical  information during emergency or disaster conditions, such as the loss  of a computer facility. Disaster recovery management involves many  functions, such as identifying critical and vital information;  determining recovery needs, developing backup solutions and  implementing the backup/recovery solution.

Disaster plans and procedures are designed, distributed, taught and  rehearsed to enable panic-free work processes in restoring service  with minimum effect to customers. Backup and restoration of the  platform systems offers users the ability to recover and restore files  if mistakes or disasters occur and objects are lost or corrupted.

System backups are performed nightly  and are transferred to a secure off-site location. All systems use  automated methods of backup, as well as for monitoring and notifying  support personnel to ensure the successful completion of backups.  Network configuration and capacities are designed to accommodate  service interruptions and restoration with minimal disruption to the  user. Backup services are scheduled based on each customer's  specific backup and archiving requirements. These services can be  scheduled 24 hours a day and can be executed while systems are  available to customers.

Some of the disaster recovery protection functions that can be provided to customers are as follows:
  * Development of a weekly backup solution for non-application data
  * Development of a weekly backup solution for application data
  * Development of processes for cycling backups from on-site to off-site and then back on-site
  * Testing for the recovery of non-application data
  * Implementation of the disaster recovery backup solutions

Document Access Control
The process that governs who has the authority to perform certain  actions to specified documents.

Document Authentication
Providing good evidence of the substance of the electronic transaction  by making it impracticable to falsify or alter—without  detection—the signed object or the signature.

E

EDI
Electronic data interchange, which is the transmission, in a standard  syntax, of unambiguous information of business or strategic  significance between computers of independent organizations.

Electronic Commerce
Buying, selling and communicating using electronic messaging systems  instead of paper based methods. Electronic commerce assures an  efficient flow of information, integrates the supply chain and  generally improves the business process.

Electronic Document
Electronic representation (bits and bytes) of a paper document encoded  in some machine processable form (ASCII, MS Word, PCL, PostScript,  TIFF).

Electronic Messaging
The use of a group of computer services that use a network to send,  receive and combine messages, faxes and large data files. Examples are  electronic mail, enhanced fax and EDI.

Electronic Original™
Authentic electronic document, controlled by the eOriginal™ TCU on behalf of the document's owner.

Electronic Signature
The use of digitization to capture a handwritten signature as an  electronic data object. This object cannot be used for authenticity,  integrity or nonrepudiation purposes.

eOriginal™ Inc.
A Delaware corporation formed on April 2, 1996, has developed and markets a fully integrated transaction system that will revolutionize the way business is handled today, delivering to industry and government the ability to implement true electronic commerce by providing the only electronic original™—a legal alternative that replaces a blue-ink signed paper original—even for negotiable documents.

eOriginal™ Product
A process wrapped in technology. Electronic commerce is generally  achieved through an unwieldy combination of technologies,  applications, participants and processes. eOriginal™ is a system that ties together, integrates and manages  the myriad components of an electronic transaction.

Encryption Technology
The use of secret (symmetric) or public key (asymmetric) cryptography to change information into unreadable and back to readable form to prevent any but the intended recipient from reading that information. See Data Encryption.

End User (Subscribers & Participants)
Performs business-related actions using roadmaps defined by  transaction templates and allowed by users' predefined privileges.

G

General Public
Any customer who requests information. Through an automated voice  response unit, only selected information will be accessible. The  customer must provide required information to activate and release  requested information.

H

Hash
Also known as a message digest, the hash is an algorithmically  condensed digital representation of all the bits and bytes that  compose an electronic document. The document might have been created  using digital means or converted from paper by electronic scanning.

Hashing
The iterative process that computes a value (referred to as a hashword)  from a particular data unit in a manner in which, when a hashword is  protected, any manipulation of the data is detectable.

HTTP
Hypertext Transfer Protocol, a tool used to generate and search for  sources on the World Wide Web.

I

Identification and Authentication (I&A)
The party originating a digitally signed or encrypted document is  cryptographically identifiable as such.

Inquire
See Query.

Integrity
The process that proves that a document has not been altered or  impaired in any manner; i.e., a single digital bit cannot be changed  without detection.

K

Key
Information (usually a sequence of random or pseudo-random bits) used  to initialize the cryptographic algorithms used for the purpose of  encrypting and decrypting or digitally signing and verifying  electronic documents or for producing other keys.

Key Validity Period
The length of time a key is valid. This date is conveyed in an individual's authentication certificate. The eOriginal™ system will not use a key once it has expired. The system transparently updates keys and certificates prior to their expiration.

L

LDAP
The Lightweight Directory Access Protocol (LDAP) was originally  designed as a simple Internet client server protocol for accessing the  X.500 directory service. Since those early days LDAP has evolved to  become the Internet Standard way of accessing on-line directory  systems that follow the X.500 data model.

M

Message Authentication
The process of digitally signing a message provides proof of the  authenticity of the document or information object, with far greater  certainty and precision than paper signatures. Because the  verification process—comparing the digital representation (hash) of  the message or document made at signing with the one created during  the verification process—discloses whether the message is the same  as when signed, verification reveals any tampering with the message,  before storage in the TCU.

Message Digest
See Hash.

MIME
Multipurpose Internet Mail Extension is an Internet Standard for  formatting the body of a message so that it can transmit arbitrary  data, including multimedia.

N

Nonrepudiation
The process that prevents parties who digitally sign documents from  later disavowing their actions.

The process by which an institution creates electronic documents  used for the evidence and securing of debt and establishes a solid  trail of evidence to the borrower.

Nonrepudiation service is key to the services' concept because it  prevents a person from unilaterally modifying or terminating his or  her legal obligations arising from an electronic transaction.

O

Object
A passive entity that contains or receives information.

Note: Access to an object implies access to the information it  contains. Examples of objects are as follows: records, blocks, pages,  segments, files, directories, directory trees and programs, as well as  bits, bytes, words, fields, processors, video displays, keyboards,  clocks, printers and network nodes.

Offline Cryptosystem
A cryptosystem in which encryption and decryption are performed  independently of the transmission and reception functions.

Online Cryptosystem
A cryptosystem in which encryption and decryption are performed in  association with the transmitting and receiving functions.

Original Electronic Document
The TCU maintains the "original" electronic document so that  it is distinguishable from a copy.

Organization Administrator
Enrolls users and sets their privileges for business transactions. Privileges control who can do what to which document. Creates transaction templates.

Organization CA
The second tier (Tier Two) of the Certification Authority hierarchy.  This tier is created when the Root CA issues an Organization CA  Certificate (subscriber registration). This action enables the  Organization CA to perform all the security functions needed on the  local level, such as issuing, updating, renewing and revoking  subscriber certificates.

Organization Security Officer (OSO)
Each subscriber organization—for example, human resource officer in a mortgage company or title agency—identifies an Organization Security Officer (OSO). A Tier Two CA creates an organization account, registers his or her OSO and activates his or her OSO Token. The OSO is provided eOriginal™ system security management training and tools. After this registration and setup activity is completed, the organization OSO can perform the local security functions required. CAs issue the OSO initialized Tokens for each newly registered subscriber. The OSO has responsibility for corroborating the subscriber's identity and assisting them in activating their new Token.

Organizational ID or Org. ID
A sequentially assigned seven-digit number that identifies the subscriber organization to the Trusted Custodial Utility. The seven digits of the Org. ID comprise the first seven digits of the 18-digit universal tracking number (UTN).

OSAR
Optical Storage and Retrieval.

P

Pad Signature
See Digitized Signature.

Participants
The individuals who provide documentation or information to a  subscriber to complete a business transaction. A participant does not  require a special workstation to complete his or her delivery  requirements, though he or she can use one. A participant might also  deliver documents and information through fax or scanning.  Participants are usually sponsored by a subscriber organization.

Passphrase
A secret string of words used to authenticate an individual's  identity during system logon that is transformed by a system security  component into a virtual password. Phrases are easier to remember than  long strings of characters.

Password
A secret character string used to authenticate an individual's  identity during system logon. Security check rules are normally  applied to ensure that a password cannot be easily guessed (e.g.,  upper/lower case change required, limited letter repeats).

PCCard
Alternate name for PCMCIA Card. See Token.

PCL
See Print Control Language File.

PCMCIA
Personal Computer Memory Card International Association standard. See Token.

PCT (Private Communications Technology)
Developed by Microsoft, PCT uses Public-Key cryptography to encrypt a  private key that is then used to encrypt the client and server  session. Similar to SSL, except for key exchange and ability to  support multiple algorithms.

Penetration
Unauthorized act of bypassing the security mechanisms of an  information system.

Penetration Testing
Security testing in which evaluators attempt to circumvent the  security features of a system based on their understanding of the  system design and implementation.

PIN
Personal Identification Number is an alphanumeric string used for  application, workstation or server login.

PKC
See Public Key Cryptography.

PKCS
RSA Data Security, Inc.'s Public-Key Cryptography Standard Series.

PKI
See Public Key Infrastructure.

Print Control Language File
Electronic output from processing systems used by printers where the  output is redirected to a file.

Privacy
How an institution ensures that data and messages are routed in a way  that precludes access to or release of information to unauthorized  users.

Private Key
See Public Key Cryptography.

Process Controls
eOriginal™ system rules that govern who can access which Electronic Originals™ held by the TCU, and when.

Process Control Worksheet
A behind-the-scenes electronic "checklist" of meta  information, document lists and access requirements for each business  activity. Each transaction's worksheet is built dynamically based on  the subscriber's process control rules.

Public Key
See Public Key Cryptography.

Public Key Cryptography
Public key cryptography schemes use a pair of "keys"—a  private key and a public key—that are associated with each  registered user on the system. The public key is made available for  use by anyone. Documents or electronic files that are encrypted using  the public key can only be read by the holder of the paired private  key. Conversely, documents that are signed using the user's private  key can be verified by anyone with access to the paired public key.  Public key cryptography is sometimes used for key exchange in  symmetric key encryption. The encrypt and decrypt functions of both  keys are truly "one-way," which means that no one can  determine the private key from the corresponding public key.

Public Key Infrastructure
Name given to the Certification Authority hierarchy responsible for issuing authentication certificates and cryptographic materials used for signing and encrypting electronic documents.

Q

Query
The ability to design a request for information, transmit the request,  receive data and select the desired response for viewing or printing.

R

Registration
The process of enrolling users and their organization.

Registration Authority (RA)
A local or remote entity that performs registration services on behalf of a CA. The Registration Authority (RA) is responsible for the accuracy of the information contained in a certificate request. The RA is also expected to perform user validation before issuing a certificate request or a Token.

Repeatable Processes
Various functions performed repeatedly for all the business processes:
  * Registration
  * Process corrections
  * Document sealing
  * Document authentication
  * Inquiry

Root CA
The top tier (Tier One) of the Certification Authority hierarchy from which all subordinate certificate authorities are created. This CA, which operates in an offline environment, is housed in a secure closed-room environment and uses two-person integrity controls.

Revocation
Process by which a CA invalidates previously issued certificates.

S

SCIF
Sensitive Compartmented Information Facility (SCIF).

Seal
The user applies a digital cryptographic signature to a document.  Sealing makes any modification to the document detectable.

Security Evaluation
Determination of the risk associated with the use of a given system  considering its vulnerabilities and perceived security threat.

Sequence Number
The 10-digit number assigned by the services' subscriber to uniquely  identify a transaction. The 10 digits of the sequence number comprise  the 8th through 17th digits of the 18-digit universal tracking number.

Serial Number
A unique identifier that distinguishes a user in the directory from  any other user.

Server
A powerful network computer that manages shared devices and  information resources. Economy and efficiency are gained by minimizing  component redundancy and promoting the appropriate sharing of  information.

SET (Secure Electronic Transaction)
Jointly developed by MasterCard and Visa, SET is a method for secure bankcard transactions across unsecure networks such as the Internet.

Sign/Seal
Using eOriginal™ services, the signing and sealing process is performed electronically within a security administration framework. Electronically stored documents are protected against change by affixing an electronic stamp that verifies the document's content and is virtually tamper-proof.

Signer Authentication
A digital signature resulting from use of the private key effectively  identifies the signer with the message. This identification is  evidenced when a public key (corresponding to the private key) is  bound with an identified signer within an X.509 formatted  authentication certificate. No person other than the proper signer can  forge the digital signature unless the subscriber loses control of the  private key and its associated PIN.

Signing Key Pair
Consists of a signing private key and a verification public key. The private key can only be accessed by its owner. The public key is included in the corresponding verification public key certificate.

Smart Card
Credit Card sized Token that contains a serial data interface and  microprocessor. Lower performance and cost makes it preferable for  banking and credit applications.

S/MIME
See MIME. The S/MIME (Secure/Multipurpose Internet Mail Extensions) specification enables encrypted messages to be exchanged between e-mail applications.

SQL
Standard Query Language (SQL) used to access databases.

SSL (Secure Socket Layer)
Developed by Netscape, SSL is an application independent Internet  protocol used to secure HTTP, FTP and Telnet. The SSL protocol  negotiates encryption keys and authenticates the server (and sometimes  the client) before data is exchanged.

Standard EDI Format
Accredited Standards Committee X12 standard.

Stranger-to-stranger
In the world of electronic commerce it is highly likely that persons conducting business never meet face-to-face or through direct third party introductions. They are therefore strangers who must rely on the PKI to vouch for the legitimacy of the other party. This is only possible in a "Closed PKI System." Members depend on the PKI's Certificate Authorities to create nonforgeable X.509 certificates that accurately convey the identities of all enrolled subscribers. Sufficient procedures are in place at the Certificate Authority to ensure that subscribers are who they claim to be. The exchange of these certificates and use of the corresponding public key based digital signatures make stranger-to-stranger transactions possible.

Subscriber
An employee of a member eOriginal™ system organization who is an enrolled user of an eOriginal™ industry application. Subscribers access the services online from eOriginal™ compliant workstations.

Subscriber Profile
Specific information about a subscriber. The subscriber profile  indicates the subscriber's business process preferences, billing and  other information.

Symmetric Key Cryptography
The same key is used for encryption and decryption. Symmetric algorithms are significantly faster than public key algorithms.

System Administrator
Enrolls organizations by issuing Org. IDs and manages the eOriginal™ Application.

System Certification
Comprehensive evaluation of the technical and non-technical security  features of a system and other safeguards, made in support of the  accreditation process, to establish the extent to which a particular  design and implementation meets a set of specified security  requirements.

T

Tampering
Unauthorized modification that alters the proper functioning of the  cryptography, security enforcement or information system in a manner  that degrades the security protections it provides.

TCU
See Trusted Custodial Utility™.

TIFF
Tagged Image File Format was designed to facilitate the exchange of  raster image information.

Thin-Client
Workstation client application software designed to be especially  small so that the bulk of the data processing occurs on the server.

Thick-Client
Workstation client application software designed such that the bulk of  the data processing is done at the workstation.

Third-Party Vendors
Companies that are not subscribers or participants but whose services  are used in the transaction process. Examples in the mortgage industry  are appraisers, attorneys, contractors and inspectors.

Threat
Existence of the potential and willingness of an adversary to cause  harm to a system or information.

Tier One CA
See Root CA.

Time-Stamp
Digitally signed notation indicating the exact date and time a  digitally sealed document was received at the TCU.

Token
Within the context of eOriginal™ services, the Token is a tamper-proof, metal-encased Personal Computer Memory Card International Association (PCMCIA) card containing microprocessor chips and memory modules. All protection within the service begins with the Token, which is capable of storing and using the signature and hash algorithms, the subscriber's private encryption key, and the subscriber's certificate information. The Token uses these capabilities to interact with PC-based security software and perform the security functions described in the service.

Trail-Of-Evidence
Irrefutable proof tracing all transactions, including all document  revisions and transfers of ownership.

Trail-Of-Custody
Irrefutable proof tracing all transfers of ownership, including both  the document (e.g., promissory note), instruments of transfer  (assignment document) and audit trail.

Transaction Template
Defined set of documents required to complete a specific business  transaction (e.g. 30 year fixed rate mortgage).

Trusted
A "system" that employs sufficient safeguards and integrity  measures to allow for its use in the processing and storage of high  value transactions.

Trustworthiness
Quantification of level of practices and procedures employed by the  PKI that assure correct performance of the responsibility to only  issue certificates to the intended recipients.

Trusted Custodial Utility™ (TCU)
Performs the storage, custodial, registry, transfer and disaster  recovery functions for the benefit of the owner of the electronic  documents.

Trusted Distribution
Method for distributing hardware, software and firmware, both  originals and updates, that provides protection against modification  during delivery.

U

Update
A change to information outside of a previously defined business  process. Examples are corrections and updates to previously null  fields.

Universal Tracking Number (UTN)
Unique number assigned by a subscriber organization to a business  transaction. Users use this number to set up or select a transaction.  The UTN is the organization identifier and serial number assigned by  the organization.

V

Validation
A process of applying specialized security tests and evaluation  procedures and tools needed to establish acceptance for joint usage of  a system by one or more departments, agencies or organizations.

Verification
The process of comparing two levels of a system specification for  proper correspondence, such as information protection policy model  with top-level specification, top-level specification with source code  or source code with object code.

Verify
See Verification.

Vulnerability
Existence in a system of an exploitable weakness. When both threat and  vulnerability align, then the system is at risk. All that is required  is that the perpetrator have the skill, knowledge, access and  motivation (espionage, sabotage or fraud).

X

X12 Format
A predefined EDI layout at a transaction-set level. This layout is the  recommended format for batch entry to the Trusted Custodial Utility™.

X.509v3
International standard for certificate definition (data layout).  Currently on version 3.
 

 

 
© Copyright 1999 Southport, LLC.  All rights reserved.