Glossary

Asymmetric cryptosystem
Certificate
Certificate revocation list
Certification authority
Certification practice statement
Digital signature
Electronic record
Electronic signature
Encryption
Hash function
Information system
Online Certificate Status Protocol
Private key
Public key
Public key cryptography
Public key infrastructure
Recognized certificate
Recognized certification authority
Repository

Asymmetric cryptosystem

means a system capable of generating a secure key pair, consisting of a private key for generating a digital signature and a public key to verify the digital signature.

Top

Certificate

means a record which-

is issued by a certification authority for the purpose of supporting a digital signature which purports to confirm the identity or other significant characteristics of the person who holds a particular key pair;
identifies the certification authority issuing it;
names or identifies the person to whom it is issued;
contains the public key of the person to whom it is issued; and
is signed by the certification authority issuing it.

Top

Certificate revocation list

is periodically issued list, digitally signed by the certification authority, of identified certificates that have been suspended or revoked prior to their expiration dates. It normally shows information such as the issuer's name of the list, date of issue, suspended or revoked certificate's serial numbers.

Top

Certification authority

means a person who issues a certificate to a person (who may be another certification authority).

Top

Certification practice statement

means a statement issued by a certification authority to specify the practices and standards that the certification authority employs in issuing certificates.

Top

Digital signature

in relation to an electronic record, means an electronic signature of the signer generated by the transformation of the electronic record using an asymmetric cryptosystem and a hash function such that a person having the initial untransformed electronic record and the signer's public key can determine-

whether the transformation was generated using the private key that corresponds to the signer's public key; and
whether the initial electronic record has been altered since the transformation was generated.

Top

Electronic record

means a record generated in digital form by an information system, which can be-

transmitted within an information system or from one information system to another; and
stored in an information system or other medium.

Top

Electronic signature

means any letters, characters, numbers or other symbols in digital form attached to or logically associated with an electronic record, and executed or adopted for the purpose of authenticating or approving the electronic record.

Top

Encryption

is a process to encode the contents of message so as to hide it from outsiders and protect the confidentiality of messages. That is, it is a process of converting data in plain text into a seems-to-be meaningless data stream (called cipher text) using an algorithm (called cipher) and keys. The reverse process of converting cipher text back into plain text is called decryption.

Top

10.

Hash function

means an algorithm mapping or transforming one sequence of bits into another, generally smaller, set as the hash result, such that-

a record yields the same hash result every time the algorithm is executed using the same record as input;
it is computationally not feasible for a record to be derived or reconstituted from the hash result produced by the algorithm; and
it is computationally not feasible that 2 records can be found to produce the same hash result using the algorithm.

Top

11.

Information system

means a system which-

processes information;
records information;
can be used to cause information to be recorded, stored or otherwise processed in other information systems (wherever situated); and
can be used to retrieve information, whether the information is recorded or stored in the system itself or in other information systems (wherever situated).

Top

12.

Online Certificate Status Protocol

is a protocol that enables the current status of a digital certificate to be determined without the use of a certificate revocation list (CRL). This protocol can be used by applications, typically for high-value or highly sensitive transactions, to perform an online checking of the status of a digital certificate, rather than relying on a periodic CRL.

Top

13.

Private key

means the key of a key pair used to generate a digital signature.

Top

14.

Public key

means the key of a key pair used to verify a digital signature.

Top

15.

Public key cryptography

involves the use of a private key and a public key. A public key and its corresponding private key are mathematically related. The main principle behind public key cryptography used in electronic transactions is that a message that is encrypted with a public key can only be decrypted with its corresponding private key and a digital signature that is generated by a private key can only be verified by its corresponding public key.

Top

16.

Public key infrastructure

consists of protocols, services and standards that adopt public key cryptography and certification authority to collectively provide a framework for conducting secure electronic transactions such as confidential e-mail exchange, secure electronic services delivery and legally-binding electronic business transactions.

Top

17.

Recognized certificate

means-

a certificate recognized under section 22 of the Electronic Transactions Ordinance ("ETO");
a certificate of a type, class or description of certificate recognized under section 22 of the ETO; or
a certificate designated as a recognized certificate issued by the certification authority referred to in section 34 of the ETO.

Top

18.

Recognized certification authority

means a certification authority recognized under section 21 of the ETO or the certification authority referred to in section 34 of the ETO.

Top

19.

Repository

means an information system for storing and retrieving certificates and other information relevant to certificates.

Top