SunPKI Registration Authorities
Sun Public Key Infrastructure (SunPKI) architecture is designed with one top-level certificate, called the Root CA (Certificate Authority) and a subordinate CA, which is the Sun Microsystems Inc., CA (Class B) certificate. An additional certificate issued by Sun Enterprise Services, called the patch management certificate, is used to verify the digital signatures on signed patches.
The Sun Root CA, Sun Class B CA, and the patch signing certificate are included in the SUNWcert package.
These three certificates provide a certificate chain of trust in the patch verification process whereby the Sun Root CA trusts the Class B CA, and the Class B CA trusts the patch management certificate. And ultimately, the GTE CyberTrust CA trusts the Sun Root CA.
Sun certificates are issued by Baltimore Technologies, who recently bought GTE CyberTrust.
A certification authority certifies the relationship between public keys that are used to decrypt the digital signature with the patch and the owner of the public keys.
The Sun CA process means the following:
-
Sun has issued and authenticated the digital certificates.
-
The public key in the certificate is paired with a private key that is held by Sun.
-
These certificates can be used for business purposes only and can be revoked or suspended if the certificate user violates Sun's certificate policy.
For more information about Sun's certificate policy, go to http://www.sun.com/pki/cps.html.
- © 2010, Oracle Corporation and/or its affiliates