- -authentication. - -The use of a password, certificate, personal identification number (PIN), or other information to validate an identity over a computer network. See also password-based authentication, certificate-based authentication, client authentication, server authentication.
- -
-bookmark. A stored web page address (URL) that you can go to easily by clicking a bookmark icon in the Personal Toolbar or choosing the bookmark's name from the Bookmarks menu.
- - -CA. - -See certificate authority (CA)
- - - -CA certificate. - -A certificate that identifies a certificate authority. See also certificate authority (CA), subordinate CA, root CA.
- -
-cache. A collection of web page copies stored on your computer's hard disk or in its random-access memory (RAM). The browser accumulates these copies as you browse the Web. When you click a link or type a URL to fetch a particular web page for which the cache already contains a copy, the browser compares the cached copy to the original. If there have been no changes, the browser uses the cached copy rather than refetching the original, saving processing and download time.
- - -certificate. -The digital equivalent of an ID card. A certificate specifies the name of an individual, company, or other entity and certifies that a public key, which is included in the certificate, belongs to that entity. When you digitally sign a message or other data, the digital signature for that message is created with the aid of the private key that corresponds to the public key in your certificate. A certificate is issued and digitally signed by a certificate authority (CA). A certificate's validity can be verified by checking the CA's digital signature. Also called digital ID, digital passport, public-key certificate, X.509 certificate, and security certificate. See also public-key cryptography.
- - - -certificate authority (CA). - -A service that issues a certificate after verifying the identity of the person or entity the certificate is intended to identify. A CA also renews and revokes certificates and generates a list of revoked certificates at regular intervals. CAs can be independent vendors (such as the CAs listed at Client Certificates) or a person or organization using certificate-issuing server software (such as Mozilla Certificate Management System). See also certificate, certificate revocation list (CRL).
- - - -certificate backup password. - -A password that protects a certificate that you are backing up or have previously backed up. Certificate Manager asks you to set this password when you back up a certificate, and requests it when you attempt to restore a certificate that has previously been backed up.
- - - -certificate-based authentication. - -Verification of identity based on certificates and public-key cryptography. See also password-based authentication.
- - - -certificate chain. - -A hierarchical series of certificates signed by successive certificate authorities. A CA certificate identifies a certificate authority (CA) and is used to sign certificates issued by that authority. A CA certificate can in turn be signed by the CA certificate of a parent CA and so on up to a root CA.
- - - -certificate fingerprint. -A unique number associated with a certificate. The number is not part of the certificate itself but is produced by applying a mathematical function to the contents of the certificate. If the contents of the certificate change, even by a single character, the function produces a different number. Certificate fingerprints can therefore be used to verify that certificates have not been tampered with.
- - - -Certificate Manager - -The part of the browser that allows you to view and manage certificates. To view the main Certificate Manager window: Open the Edit menu, choose Preferences, click Privacy and Security, and then click Manage Certificates.
- - - - -certificate renewal. - -The process of renewing a certificate that is about to expire.
- - - -certificate revocation list (CRL). - -A list of revoked certificates that is generated and signed by a certificate authority (CA). You can download the latest CRL to your browser or to a server, then check against it to make sure that certificates are still valid before permitting their use for authentication.
- - - - -certificate verification. - -When Certificate Manager verifies a certificate, it confirms that the digital signature was created by a CA whose own CA certificate is both on file with Certificate Manager and marked as trusted for issuing that kind of certificate. It also confirms that the certificate being verified has not itself been marked as untrusted. Finally, if the Online Certificate Status Protocol (OCSP) has been activated, Certificate Manager also performs an online check. It does so by looking up the certificate in a list of valid certificates maintained at a URL that is specified either in the certificate itself or in the browser's Validation preferences. If any of these checks fail, Certificate Manager marks the certificate as unverified and won't recognize the identity it certifies.
- - - -cipher. - -See cryptographic_algorithm.
- - - -client. - -Software (such as browser software) that sends requests to and receives information from a server, which is usually running on a different computer. A computer on which client software runs is also described as a client.
- - - -client authentication. - -The process of identifying a client to a server, for example with a name and password or with a client SSL certificate and some digitally signed data. See also Secure Sockets Layer (SSL), server authentication.
- - - -client SSL certificate. - -A certificate that a client (such as browser software) presents to a server to authenticate the identity of the client (or the identity of the person using the client) using the Secure Sockets Layer (SSL) protocol. See also client authentication.
- - -
-Component Bar. The toolbar located at the bottom left of any Mozilla window. The Component Bar allows you to switch between Mozilla components by clicking icons for Navigator, Mail & Newsgroups, Instant Messenger, and so on. - - -
-cookie. A small bit of information stored on your computer by some web sites. When you visit such a site, the site asks your browser to place one or more cookies on your hard disk. Later, when you return to the site, your browser sends the site the cookies that belong to it. Cookies help web sites keep track of information about you, such as the contents of your shopping cart. You can set your cookie preferences to control how cookies are used and how much information you are willing to let web sites store on them. See also foreign_cookie.
- -
-Cookie Manager. The part of the browser that you can use to control cookies. For details, see Using the Cookie Manager.
- - - -cryptographic algorithm. - -A set of rules or directions used to perform cryptographic operations such as encryption and decryption. Sometimes called a cipher.
- - - -cryptography. - -The art and practice of scrambling (encrypting) and unscrambling (decrypting) information. For example, cryptographic techniques are used to scramble an unscramble information flowing between commercial web sites and your browser. See also public-key cryptography.
- - - -decryption. - -The process of unscrambling data that has been encrypted. See also encryption.
- - - -digital ID. - -See certificate.
- - - -digital signature. - -A code created from both the data to be signed and the private key of the signer. This code is unique for each new piece of data. Even a single comma added to a message changes the digital signature for that message. Successful validation of your digital signature by appropriate software not only provides evidence that you approved the transaction or message, but also provides evidence that the data has not changed since you digitally signed it. A digital signature has nothing to do with a handwritten signature, although it can sometimes be used for similar legal purposes. See also nonrepudiation, tamper detection.
- - - -distinguished name (DN). - -A specially formatted name that uniquely identifies the subject of a certificate.
- - - -dual key pairs. - -Two public-private key pairs--four keys altogether--corresponding to two separate certificates. The private key of one pair is used for signing operations, and the public and private keys of the other pair are used for encryption and decryption operations. Each pair corresponds to a separate certificate. See also public-key cryptography.
- - - -eavesdropping. - -Surreptitious interception of information sent over a network by an entity for which the information is not intended.
- - - -encryption. - -The process of scrambling information in a way that disguises its meaning. For example, encrypted connections between computers make it very difficult for third-parties to unscramble, or decrypt, information flowing over the connection. Encrypted information can be decrypted only by someone who possesses the appropriate key. See also public-key cryptography.
- - - -encryption certificate. - -A certificate whose public key corresponds to a private key used for encryption only. Encryption certificates are not used for signing operations. See also dual key pairs, signing certificate.
- - - -encryption key. - -A private key used for encryption only. An encryption key and its equivalent public key, plus a signing key and its equivalent public key, constitute a dual key pairs.
- - -
-Extensible Stylesheet Language Transformation (XSLT). A language used to convert an XML document into another XML document or into some other format. For information on Mozilla support for XSLT, see Advanced Preferences - Advanced.
- -
-Extensible Markup Language (XML). An open standard for describing data. Unlike HTML, XML allows the developer of a web page to define special tags. For more information, see the online W3C document Extensible Markup Language (XML).
- - -
-File Transfer Protocol (FTP). A standard that allows users to transfer files from one computer to another over a network. You can use your browser to fetch files using FTP.
- - -fingerprint. - -See certificate fingerprint.
- - - -FIPS PUBS 140-1. - -Federal Information Processing Standards Publications (FIPS PUBS) 140-1 is a US government standard for implementations of cryptographic modules--that is, hardware or software that encrypts and decrypts data or performs other cryptographic operations (such as creating or verifying digital signatures). Many products sold to the US government must comply with one or more of the FIPS standards.
- - -
-foreign cookie. A cookie from one site that gets stored on your computer when you visit a different site. Sometimes a web site displays content that is hosted on another web site. That content can be anything from an image to text or an advertisement. The second web site that hosts such elements also has the ability to store a cookie in your browser, even though you don't visit it directly. Also known as "third-party cookie."
- -
-Form Manager. The part of the browser that can help you save the personal data you enter into online forms, such as your name, address, phone, and so on. Then, when a web site presents you with a form, Form Manager can fill it in automatically. For details, see Using the Form Manager.
- - -
-helper application. Any application that is used to open or view a file downloaded by the browser. A plug-in is a special kind of helper application that installs itself into the Plugins directory of the main browser installation directory and can typically be opened within the browser itself (internally). Microsoft Word, Adobe Photoshop, and other external applications are considered helper applications but not plug-ins, since they don't install themselves into the browser directory, but can be opened from the download dialog box. - -
-home page. The page your browser is set to display every time you launch it or when you click the Home button. Also used to refer to the main page for a web site, from which you can explore the rest of the site.
- -
-Hypertext Markup Language (HTML). The document format used for Web pages. The HTML standard defines tags, or codes, used to define the text layout, fonts, style, images, and other elements that make up a web page.
- -
implicit consent. Also known as implied or "opt-out" consent. Used to describe privacy settings that may allow web sites to gather information about you (for example by means of cookies and online forms) unless you explicitly choose to withhold your consent by selecting an option on a page that the web site provides for that purpose. Your consent may not be requested when the information is actually gathered.
- -
-Internet Message Access Protocol (IMAP). A standard mail server protocol that allows you to store all your messages and any changes to them on the server rather than on your computer's hard disk. Using IMAP rather than POP saves disk space and allows you to access your entire mailbox, including sent mail, drafts, and custom folders, from any location. Using an IMAP server over a modem is generally faster than using a POP mail server, since you initially download message headers only. Not all ISPs support IMAP.
- -
-Internet. A worldwide network of millions of computers that communicate with each other using standard protocols such as TCP/IP. Originally developed for the US military in 1969, the Internet grew to include educational and research institutions and, in the late 1990s, millions of businesses, organizations, and individuals. Today the Internet is used for email, browsing the World Wide Web, instant messaging, usegroups, and many other purposes.
- -
-Internet protocol address (IP address). The address of a computer on a TCP/IP network. Every computer on the Internet has an IP address. Clients have either a permanent IP address or one that is dynamically assigned to them each time they connect with the network. IP addresses are written as four sets of numbers, like this: 204.171.64.2. - - -
-Java. A programming language developed by Sun Microsystems. A single Java program can run on many different kinds of computers, thus avoiding the need for programmers to create a separate version of each program for each kind of computer. Your browser can automatically download and run Java programs (also called applets).
- -
-JavaScript. A scripting language commonly used to construct web pages. Programmers use JavaScript to make web pages more interactive; for example, to display forms and buttons. JavaScript can be used with Java, but is technically a separate language. Java is not required for JavaScript to work correctly.
- - - - -key. - -A large number used by a cryptographic algorithm to encrypt or decrypt data. A person's public key, for example, allows other people to encrypt messages to that person. The encrypted messages must be decrypted with the corresponding private key. See also public-key cryptography.
- - - -Lightweight Directory Access Protocol (LDAP). - -A standard protocol for accessing directory services, such as corporate address books, across multiple platforms. You can set up your browser to access LDAP directories from the Address Book. You can also set up Mail & Newsgroups to use an LDAP directory for email address autocompletion. -
- - - -Location Bar. The field (and associated buttons) near the top of a Navigator window where you can type a URL or search terms. For details, see Moving to Another Page.
- - -master key. - -A symmetric key used by Certificate Manager to encrypt information. For example, Password Manager uses Certificate Manager and your master key to encrypt email passwords, web site passwords, and other stored sensitive information. See also symmetric encryption.
- - - -master password. - -A password used by Certificate Manager to protect the master key and/or private keys stored on a security device. Certificate Manager needs to access your private keys, for example, when you sign email messages or use one of your own certificates to identify yourself to a web site. It needs to access your master key when Password Manager or Form Manager reads or adds to your personal information. You can set or change your master password from the Master Passwords preferences panel. Each security device requires a separate master password. See also private key, master key.
- - - - -misrepresentation. - -Presentation of an entity as a person or organization that it is not. For example, a web site might pretend to be a furniture store when it is really just a site that takes credit card payments but never sends any goods. See also spoofing.
- - - -Navigation Toolbar. The toolbar near the top of the browser window that includes the Back and Forward buttons.
- - - -nonrepudiation. - -The inability, of the sender of a message, to deny having sent the message. A regular hand-written signature provides one form of nonrepudiation. A digital signature provides another.
- - - -object signing. - -A technology that allows software developers to sign Java code, JavaScript scripts, or any kind of file, and that allows users to identify the signers and control access by signed code to local system resources.
- - - -object-signing certificate. - -A certificate whose corresponding private key is used to sign objects such as code files. See also object signing.
- - - -Online Certificate Status Protocol (OCSP). - -A set of rules that Certificate Manager follows to perform an online check of a certificate's validity each time the certificate is used. This process involves checking the certificate against a list of valid certificates maintained at a specified web site. Your computer must be online for OCSP to work.
- - - -password-based authentication. - -Confident identification by means of a name and password. See also authentication.
- - -
-Password Manager. The part of the browser that can help you remember some or all of your names and passwords by storing them on your computer's hard disk, and entering them for you automatically when you visit such sites. For details, see Using the Password Manager.
- - -Personal Toolbar. The cutomizable toolbar that appears just below the location bar by default in Navigator . It contains standard buttons such as Home, Search, Bookmarks, and so on that you can add or remove. You can also add buttons for your favorite bookmarks, or folders containing groups of bookmarks. For details, see Personal Toolbar.
- - - -PKCS #11. - -The public-key cryptography standard that governs security devices such as smart cards. See also security device, smart card.
- - - -PKCS #11 module. - -A program on your computer that manages cryptographic services such as encryption and decryption using the PKCS #11 standard. Also called cryptographic modules, cryptographic service providers, or security modules, PKCS #11 modules control either hardware or software devices. A PKCS #11 module always controls one or more slots, which may be implemented as some form of physical reader (for example, for reading smart cards) or in software. Each slot for a PKCS #11 module can in turn contain a security device (also called token), which is the hardware or software device that provides cryptographic services and stores certificates and keys. Certificate Manager provides two built-in PKCS #11 modules. You may install additional modules on your computer to control smart card readers or other hardware devices.
- - -
-Platform for Privacy Preferences (P3P). A standard published by the World Wide Web Consortium (W3C) designed to help users to gain more control over the use of personal information by Web sites they visit. For information about using cookies with web sites that support this standard, see Setting Privacy Levels. For general information on the standard itself, see the online document P3P Public Overview.
- - -plug-in. A type of helper application that adds new capabilities to your browser, such as the ability to play audio or video clips. Unlike other kinds of helper applications, a plug-in application installs itself into the Plugins directory within the main browser installation directory and typically can be opened within the browser itself (internally). For example, an audio plug-in lets you listen to audio files on a web page or in an e-mail message. Macromedia Flash Player and Java are both examples of plug-in applications.
- - -Post Office Protocol (POP). A standard mail server protocol that requires you to download new messages to your local computer—although you can choose to leave copies on the server. With POP, you can store all your messages, including sent mail, drafts, and custom folders, on one computer only. By contrast, IMAP allows you to permanently store all your messages and any changes to them on the server, where you can access them from any computer. Most ISPs currently support POP.
- - -private key. - -One of a pair of keys used in public-key cryptography. The private key is kept secret and is used to decrypt data that has been encrypted with the corresponding public key.
- - -
-proxy. An intermediary or "go-between" program that acts as both a server and a client for the purpose of making requests on behalf of other clients.
- - -public key. - -One of a pair of keys used in public-key cryptography. The public key is distributed freely and published as part of a certificate. It is typically used to encrypt data sent to the public key's owner, who then decrypts the data with the corresponding private key.
- - - -public-key cryptography. - -A set of well-established techniques and standards that allow an entity (such as a person, an organization, or hardware such as a router) to verify its identity electronically or to sign and encrypt electronic data. Two keys are involved: a public key and a private key. The public key is published as part of a certificate, which associates that key with a particular identity. The corresponding private key is kept secret. Data encrypted with the public key can be decrypted only with the private key.
- - - -public-key infrastructure (PKI). - -The standards and services that facilitate the use of public-key cryptography and certificates in a networked environment.
- - - -root CA. - -The certificate authority (CA) with a self-signed certificate at the top of a certificate chain. See also subordinate CA.
- - -
-search engine. A web-based program that allows users to search for and retrieve specific information from the World Wide Web. The search engine may search the full text of web documents or a list of keywords, or use librarians who review web documents and index them manually for retrieval. Typically, the user types a word or phrase, also called a query, into a search box, and the search engine displays links to relevant web pages.
- - - -Secure Sockets Layer (SSL). - -A protocol that allows mutual authentication between a client and a server for the purpose of establishing an authenticated and encrypted connection. SSL runs above TCP/IP and below HTTP, LDAP, IMAP, NNTP, and other high-level network protocols. The new Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL. See also authentication, encryption.
- - - -security certificate. - -See certificate.
- - - -security device. - -Hardware or software that provides cryptographic services such as encryption and decryption and can store certificates and keys. A smart card is one example of a security device implemented in hardware. Certificate Manager contains its own built-in security device, called the software security device, that is always available while the browser is running. Each security device is protected by its own master password.
- - - -security module. - -See PKCS #11 module.
- - -security token. - -See security device.
- - - -server. - -Software (such as software that serves up web pages) that receives requests from and sends information to a client, which is usually running on a different computer. A computer on which server software runs is also described as a server.
- - - -server authentication. - -The process of identifying a server to a client by using a server SSL certificate. See also client authentication, Secure Sockets Layer (SSL).
- - - -server SSL certificate. - -A certificate that a server presents to a client to authenticate the server's identity using the Secure Sockets Layer (SSL) protocol.
- - - -signing certificate. - -A certificate whose corresponding private key is used to sign transmitted data, so that the receiver can verify the identity of the sender. Certificate authorities (CAs) often issue a signing certificate that will be used to sign email messages at the same time as an encryption certificate that will be used to encrypt email messages. See also dual key pairs, digital signature.
- - - -signing key. - -A private key used for signing only. A signing key and its equivalent public key, together with an encryption key and its equivalent public key, constitute dual key pairs.
- - - -slot. - -A piece of hardware, or its equivalent in software, that is controlled by a PKCS #11 module and designed to contain a security device.
- - - -smart card. - -A small device, typically about the size of a credit card, that contains a microprocessor and is capable of storing cryptographic information (such as keys and certificates) and performing cryptographic operations. Smart cards use the PKCS #11 standard. A smart card is one kind of security device.
- - - -software security device. - -The default security device used by Certificate Manager to store private keys associated with your certificates. In addition to private keys, the software security device stores the master key used by Password Manager to encrypt email passwords, web site passwords, and other sensitive information. See also private key and master key.
- - - -spoofing. - -Pretending to be someone else. For example, a person can pretend to have the email address jdoe@mozilla.com, or a computer can identify itself as a site called www.mozilla.com when it is not. Spoofing is one form of misrepresentation.
- - - -SSL. - -See Secure Sockets Layer (SSL).
- - - -Status Bar. The toolbar that appears at the bottom of any Mozilla window. It includes the Component Bar on the left and status icons on the right. For example, in Navigator it includes status icons such as the lock icon.
- - -subject. - -The entity (such as a person, organization, or router) identified by a certificate. In particular, the subject field of a certificate contains the certified entity's subject name and other characteristics.
- - - -subject name. - -A distinguished name (DN) that uniquely describes the subject of a certificate.
- - - -subordinate CA. - -A certificate authority (CA) whose certificate is signed by another subordinate CA or by the root CA. See also certificate chain, root CA.
- - - -symmetric encryption. - -An encryption method that uses a single cryptographic key to both encrypt and decrypt a given message.
- - - -tamper detection. - -A mechanism ensuring that data received in electronic form has not been tampered with; that is, that the data received corresponds entirely with the original version of the same data.
- - - -TCP. -See Transmission Control Protocol/Internet Protocol (TCP/IP).
- - -
-third-party cookie. See foreign cookie.
- - -TLS. - -See Secure Sockets Layer (SSL).
- - - -token. - -See security device.
- - -
- -Transmission Control Protocol/Internet Protocol (TCP/IP). A Unix protocol used to connect computers running a variety of operating systems. TCP/IP is an essential Internet protocol and has become a global standard.
- - - - - -trust. - -Confident reliance on a person or other entity. In the context of public-key infrastructure (PKI), trust usually refers to the relationship between the user of a certificate and the certificate authority (CA) that issued the certificate. If you use Certificate Manager to specify that you trust a CA, Certificate Manager trusts valid certificates issued by that CA unless you specify otherwise in the settings for individual certificates. You use the Authorities tab in Certificate Manager to specify the kinds of certificates you do or don't trust specific CAs to issue.
- - - -
-Uniform Resource Locator (URL). The standardized address that tells your browser how to locate a file or other resource on the Web. For example: http://www.mozilla.org. You can type URLs into the browser's Location Bar to access web pages. URLs are also used in the links on web pages that you can click to go to other web pages. Also known as an Internet address or Web address.
- -
-web page. A single document on the World Wide Web that is specified by a unique address or URL and that may contain text, hyperlinks, and graphics.
- -
-web site. A group of related web pages linked by hyperlinks and managed by a single company, organization, or individual. A web site may include text, graphics, audio and video files, and links to other web sites.
- -
-World Wide Web. Also known as the Web. A portion of the Internet that is made up of web pages stored by web servers and displayed by clients called web browsers (such as Mozilla).
- - - +
authentication. The use of a password, + certificate, personal identification number (PIN), or other information to + validate an identity over a computer network. See also + password-based authentication, + certificate-based authentication, + client authentication, + server authentication.
+ +bookmark. A stored web page address (URL) + that you can go to easily by clicking a bookmark icon in the Personal Toolbar + or choosing the bookmark's name from the Bookmarks menu.
+CA. See certificate + authority (CA)
+CA certificate. A certificate that + identifies a certificate authority. See also certificate + authority (CA), subordinate CA, +root + CA.
+cache. A collection of web page copies stored + on your computer's hard disk or in its random-access memory (RAM). The browser + accumulates these copies as you browse the Web. When you click a link or type + a URL to fetch a particular web + page for which the cache already contains a copy, the browser compares the cached + copy to the original. If there have been no changes, the browser uses the cached + copy rather than refetching the original, saving processing and download time. +
+certificate.The digital + equivalent of an ID card. A certificate specifies the name of an individual, + company, or other entity and certifies that a public key, which is included + in the certificate, belongs to that entity. When you digitally sign a message + or other data, the digital signature for that message is created with the aid + of the private key that corresponds to the public key in your certificate. A + certificate is issued and digitally signed by a +certificate + authority (CA). A certificate's validity can be verified by checking the + CA's digital signature. Also called digital + ID, digital passport, public-key certificate, X.509 certificate, and security + certificate. See also public-key cryptography.
+certificate authority (CA). A service that issues a certificate + after verifying the identity of the person or entity the certificate is intended + to identify. A CA also renews and revokes certificates and generates a list + of revoked certificates at regular intervals. CAs can be independent vendors or a person or organization using certificate-issuing server + software (such as Mozilla Certificate Management System). See also +certificate, certificate revocation list (CRL).
+certificate backup password. A password that protects a certificate + that you are backing up or have previously backed up. Certificate Manager asks + you to set this password when you back up a certificate, and requests it when + you attempt to restore a certificate that has previously been backed up.
+certificate-based authentication. Verification of identity + based on certificates and public-key cryptography. See also +password-based + authentication.
+certificate chain. A hierarchical series of certificates signed + by successive certificate authorities. A CA certificate identifies a +certificate + authority (CA) and is used to sign certificates issued by that authority. + A CA certificate can in turn be signed by the CA certificate of a parent CA + and so on up to a root CA.
+certificate fingerprint. + A unique number associated with a certificate. The number is not part of + the certificate itself but is produced by applying a mathematical function to + the contents of the certificate. If the contents of the certificate change, + even by a single character, the function produces a different number. Certificate + fingerprints can therefore be used to verify that certificates have not been + tampered with.
+Certificate + Manager The part of the browser that allows you to view and manage + certificates. To view the main Certificate Manager window: Open the Edit menu, + choose Preferences, click Privacy and Security, and then click Manage Certificates.
+certificate renewal. The process of renewing a +certificate + that is about to expire.
+certificate revocation list (CRL). A list of revoked certificates + that is generated and signed by a certificate + authority (CA). You can download the latest CRL to your browser or to a + server, then check against it to make sure that certificates are still valid + before permitting their use for authentication.
+certificate verification. When +Certificate + Manager verifies a certificate, it confirms that the digital signature was + created by a CA whose own CA certificate is both on file with Certificate Manager + and marked as trusted for issuing that kind of certificate. It also confirms + that the certificate being verified has not itself been marked as untrusted. + Finally, if the Online Certificate Status Protocol + (OCSP) has been activated, Certificate Manager also performs an online check. + It does so by looking up the certificate in a list of valid certificates maintained + at a URL that is specified either in the certificate itself or in the browser's + Validation preferences. If any of these checks fail, Certificate Manager marks + the certificate as unverified and won't recognize the identity it certifies.
+cipher. + See cryptographic algorithm.
+client. + Software (such as browser software) that sends requests to and receives information + from a server, which is usually running + on a different computer. A computer on which client software runs is also described + as a client.
+client authentication. The process of identifying a +client + to a server, for example with a name and + password or with a client SSL certificate + and some digitally signed data. See also Secure + Sockets Layer (SSL), server authentication.
+client SSL certificate. A certificate that a +client + (such as browser software) presents to a server + to authenticate the identity of the client (or the identity of the person using + the client) using the Secure Sockets Layer (SSL) + protocol. See also client authentication.
+Component Bar. The toolbar located + at the bottom left of any Mozilla window. The Component Bar allows you to switch + between Mozilla components by clicking icons for Navigator, Mail & Newsgroups, + Instant Messenger, and so on.
+cookie. A small bit of information stored + on your computer by some web sites. When you visit such a site, the site asks + your browser to place one or more cookies on your hard disk. Later, when you + return to the site, your browser sends the site the cookies that belong to it. + Cookies help web sites keep track of information about you, such as the contents + of your shopping cart. You can set your cookie preferences to control how cookies + are used and how much information you are willing to let web sites store on + them. See also foreign cookie.
+Cookie Manager. The part of the browser + that you can use to control cookies.
+cryptographic algorithm. A set of rules or directions used + to perform cryptographic operations such as encryption + and decryption. Sometimes called a cipher.
+cryptography. + The art and practice of scrambling (encrypting) and unscrambling (decrypting) + information. For example, cryptographic techniques are used to scramble an unscramble + information flowing between commercial web sites and your browser. See also +public-key cryptography.
+decryption. + The process of unscrambling data that has been encrypted. See also +encryption.
+digital ID. + See certificate.
++ digital signature. A code created from both the data to be + signed and the private key of the signer. This code is unique for each new piece + of data. Even a single comma added to a message changes the digital signature + for that message. Successful validation of your digital signature by appropriate + software not only provides evidence that you approved the transaction or message, + but also provides evidence that the data has not changed since you digitally + signed it. A digital signature has nothing to do with a handwritten signature, + although it can sometimes be used for similar legal purposes. See also +nonrepudiation, tamper detection.
+distinguished name (DN). A specially formatted name that uniquely + identifies the subject of a certificate.
+dual + key pairs. Two public-private key pairs--four keys altogether--corresponding + to two separate certificates. The private key of one pair is used for signing + operations, and the public and private keys of the other pair are used for encryption + and decryption operations. Each pair corresponds to a separate +certificate. + See also public-key cryptography.
+eavesdropping. + Surreptitious interception of information sent over a network by an entity + for which the information is not intended.
+encryption. + The process of scrambling information in a way that disguises its meaning. + For example, encrypted connections between computers make it very difficult + for third-parties to unscramble, or decrypt, information flowing over + the connection. Encrypted information can be decrypted only by someone who possesses + the appropriate key. See also public-key cryptography.
+encryption certificate. A certificate whose public key corresponds + to a private key used for encryption only. Encryption certificates are not used + for signing operations. See also dual key pairs, +signing certificate.
+encryption + key. A private key used for encryption only. An encryption key + and its equivalent private key, plus a signing + key and its equivalent public key, constitute a dual + key pairs.
+Extensible Stylesheet Language Transformation (XSLT). + A language used to convert an XML document into another XML document or into + some other format.
+Extensible Markup Language (XML). An open standard + for describing data. Unlike HTML, XML allows the developer of a web page to + define special tags. For more information, see the online W3C document Extensible + Markup Language (XML).
+File Transfer Protocol (FTP). A + standard that allows users to transfer files from one computer to another over + a network. You can use your browser to fetch files using FTP.
+fingerprint. + See certificate fingerprint.
+FIPS + PUBS 140-1. Federal Information Processing Standards Publications + (FIPS PUBS) 140-1 is a US government standard for implementations of cryptographic + modules--that is, hardware or software that encrypts and decrypts data or performs + other cryptographic operations (such as creating or verifying digital signatures). + Many products sold to the US government must comply with one or more of the + FIPS standards.
+foreign cookie. A cookie from one + site that gets stored on your computer when you visit a different site. Sometimes + a web site displays content that is hosted on another web site. That content + can be anything from an image to text or an advertisement. The second web site + that hosts such elements also has the ability to store a cookie in your browser, + even though you don't visit it directly. Also known as "third-party cookie." +
+Form Manager. The part of the browser + that can help you save the personal data you enter into online forms, such as + your name, address, phone, and so on. Then, when a web site presents you with + a form, Form Manager can fill it in automatically.
+helper application. Any application + that is used to open or view a file downloaded by the browser. A plug-in + is a special kind of helper application that installs itself into the Plugins + directory of the main browser installation directory and can typically be opened + within the browser itself (internally). Microsoft Word, Adobe Photoshop, and + other external applications are considered helper applications but not plug-ins, + since they don't install themselves into the browser directory, but can be opened + from the download dialog box.
+home page. The page your browser is set + to display every time you launch it or when you click the Home button. Also + used to refer to the main page for a web site, from which you can explore the + rest of the site.
+Hypertext Markup Language + (HTML). The document format used for Web pages. The HTML standard + defines tags, or codes, used to define the text layout, fonts, style, images, + and other elements that make up a web page.
+implicit consent. Also known as + implied or "opt-out" consent. Used to describe privacy settings that + may allow web sites to gather information about you (for example by means of + cookies and online forms) unless you explicitly choose + to withhold your consent by selecting an option on a page that the web site + provides for that purpose. Your consent may not be requested when the information + is actually gathered.
+Internet Message Access Protocol (IMAP). A + standard mail server protocol that allows you to store all your messages and + any changes to them on the server rather than on your computer's hard disk. + Using IMAP rather than POP saves disk space and + allows you to access your entire mailbox, including sent mail, drafts, and custom + folders, from any location. Using an IMAP server over a modem is generally faster + than using a POP mail server, since you initially download message headers only. + Not all ISPs support IMAP.
+Internet. A worldwide network of millions + of computers that communicate with each other using standard protocols such + as TCP/IP. + Originally developed for the US military in 1969, the Internet grew to include + educational and research institutions and, in the late 1990s, millions of businesses, + organizations, and individuals. Today the Internet is used for email, browsing + the World Wide Web, instant messaging, usegroups, + and many other purposes.
+Internet protocol + address (IP address). The address of a computer on a TCP/IP + network. Every computer on the Internet has an IP address. Clients + have either a permanent IP address or one that is dynamically assigned to them + each time they connect with the network. IP addresses are written as four sets + of numbers, like this: 204.171.64.2.
+Java. A programming language developed by Sun + Microsystems. A single Java program can run on many different kinds of computers, + thus avoiding the need for programmers to create a separate version of each + program for each kind of computer. Your browser can automatically download and + run Java programs (also called applets).
+JavaScript. A scripting language commonly + used to construct web pages. Programmers use JavaScript to make web pages more + interactive; for example, to display forms and buttons. JavaScript can be used + with Java, but is technically a separate language. Java is not required for + JavaScript to work correctly.
+key. A large + number used by a cryptographic algorithm + to encrypt or decrypt data. A person's public key, for example, allows other + people to encrypt messages to that person. The encrypted messages must be decrypted + with the corresponding private key. See also +public-key cryptography.
+Lightweight Directory Access + Protocol (LDAP). A standard protocol for accessing directory services, + such as corporate address books, across multiple platforms. You can set up your + browser to access LDAP directories from the Address Book. You can also set up + Mail & Newsgroups to use an LDAP directory for email address autocompletion. +
+Location Bar. The field (and associated + buttons) near the top of a Navigator window where you can type a URL +or search terms.
+master key. + A symmetric key used by Certificate Manager to encrypt information. For + example, Password Manager uses Certificate Manager and your master key to encrypt + email passwords, web site passwords, and other stored sensitive information. + See also symmetric encryption.
+master + password. A password used by Certificate Manager to protect the + master key and/or private keys stored on a security + device. Certificate Manager needs to access your private keys, for example, + when you sign email messages or use one of your own certificates to identify + yourself to a web site. It needs to access your master key when Password Manager + or Form Manager reads or adds to your personal information. You can set or change + your master password from the Master Passwords preferences panel. Each security + device requires a separate master password. See also private + key, master key.
+misrepresentation. Presentation of an entity as a person or + organization that it is not. For example, a web site might pretend to be a furniture + store when it is really just a site that takes credit card payments but never + sends any goods. See also spoofing.
+Navigation Toolbar. The toolbar + near the top of the browser window that includes the Back and Forward buttons.
+nonrepudiation. + The inability, of the sender of a message, to deny having sent the message. + A regular hand-written signature provides one form of nonrepudiation. A +digital + signature provides another.
+object signing. A technology that allows software developers to sign + Java code, JavaScript scripts, or any kind of file, and that allows users to + identify the signers and control access by signed code to local system resources.
++ object-signing certificate. A certificate whose corresponding + private key is used to sign objects such as code files. See also +object + signing.
++ Online Certificate Status Protocol (OCSP). A set of rules + that Certificate Manager follows to perform an online check of a certificate's + validity each time the certificate is used. This process involves checking the + certificate against a list of valid certificates maintained at a specified web + site. Your computer must be online for OCSP to work.
++ password-based authentication. Confident identification by + means of a name and password. See also authentication.
+Password Manager. The part of the + browser that can help you remember some or all of your names and passwords by + storing them on your computer's hard disk, and entering them for you + automatically when you visit such sites.
+Personal Toolbar. The cutomizable + toolbar that appears just below the location bar by default in Navigator . It + contains standard buttons such as Home, Search, Bookmarks, and so on that you + can add or remove. You can also add buttons for your favorite bookmarks, or + folders containing groups of bookmarks.
+PKCS #11. + The public-key cryptography standard that governs security devices such + as smart cards. See also security device, +smart card.
+PKCS + #11 module. A program on your computer that manages cryptographic + services such as encryption and decryption using the PKCS #11 standard. Also + called cryptographic modules, cryptographic service providers, + or security modules, PKCS #11 modules control either hardware or software + devices. A PKCS #11 module always controls one or more slots, which may be implemented + as some form of physical reader (for example, for reading smart cards) or in + software. Each slot for a PKCS #11 module can in turn contain a +security + device (also called token), which is the hardware or software + device that provides cryptographic services and stores certificates and keys. + Certificate Manager provides two built-in PKCS #11 modules. You may install + additional modules on your computer to control smart card readers or other hardware + devices.
+Platform for Privacy Preferences (P3P). A standard + published by the World Wide Web Consortium (W3C) designed to help users to gain + more control over the use of personal information by Web sites they visit. For + general information on the standard itself, see the online document P3P + Public Overview.
+plug-in. A type of helper + application that adds new capabilities to your browser, such as the ability + to play audio or video clips. Unlike other kinds of helper applications, a plug-in + application installs itself into the Plugins directory within the main browser + installation directory and typically can be opened within the browser itself + (internally). For example, an audio plug-in lets you listen to audio files on + a web page or in an e-mail message. Macromedia Flash Player and Java are both + examples of plug-in applications.
+Post Office Protocol (POP). A standard + mail server protocol that requires you to download new messages to your local + computer—although you can choose to leave copies on the server. With POP, + you can store all your messages, including sent mail, drafts, and custom folders, + on one computer only. By contrast, IMAP allows + you to permanently store all your messages and any changes to them on the server, + where you can access them from any computer. Most ISPs currently support POP. +
+private key. + One of a pair of keys used in public-key cryptography. + The private key is kept secret and is used to decrypt data that has been encrypted + with the corresponding public key.
+proxy. An intermediary or "go-between" + program that acts as both a server and a client + for the purpose of making requests on behalf of other clients.
+public key. + One of a pair of keys used in public-key cryptography. + The public key is distributed freely and published as part of a +certificate. + It is typically used to encrypt data sent to the public key's owner, who then + decrypts the data with the corresponding private key.
+public-key cryptography. A set of well-established techniques + and standards that allow an entity (such as a person, an organization, or hardware + such as a router) to verify its identity electronically or to sign and encrypt + electronic data. Two keys are involved: a public + key and a private key. The public key + is published as part of a certificate, which + associates that key with a particular identity. The corresponding private key + is kept secret. Data encrypted with the public key can be decrypted only with + the private key.
+public-key infrastructure (PKI). The standards and services + that facilitate the use of public-key cryptography and certificates in a networked + environment.
+root CA. + The certificate authority (CA) with + a self-signed certificate at the top of a certificate + chain. See also subordinate CA.
+search engine. A web-based program + that allows users to search for and retrieve specific information from the World + Wide Web. The search engine may search the full text of web documents or a list + of keywords, or use librarians who review web documents and index them manually + for retrieval. Typically, the user types a word or phrase, also called a query, + into a search box, and the search engine displays links to relevant web pages.
+Secure Sockets Layer (SSL). A protocol that allows mutual + authentication between a client and a server + for the purpose of establishing an authenticated and encrypted connection. SSL + runs above TCP/IP and below HTTP, LDAP, IMAP, NNTP, and other high-level network + protocols. The new Internet Engineering Task Force (IETF) standard called Transport + Layer Security (TLS) is based on SSL. See also authentication, +encryption.
+security certificate. See certificate.
+security + device. Hardware or software that provides cryptographic services + such as encryption and decryption and can store certificates and keys. A smart + card is one example of a security device implemented in hardware. Certificate + Manager contains its own built-in security device, called the software + security device, that is always available while the browser is running. + Each security device is protected by its own master + password.
+security + module. See PKCS #11 module.
+security + token. See security device.
+server. + Software (such as software that serves up web pages) that receives requests + from and sends information to a client, + which is usually running on a different computer. A computer on which server + software runs is also described as a server.
+server authentication. The process of identifying a +server + to a client by using a server + SSL certificate. See also client authentication, +Secure Sockets Layer (SSL).
++ server SSL certificate. A certificate that a +server + presents to a client to authenticate the + server's identity using the Secure Sockets Layer + (SSL) protocol.
+signing certificate. A certificate whose corresponding +private + key is used to sign transmitted data, so that the receiver can verify the + identity of the sender. Certificate authorities (CAs) often issue a signing + certificate that will be used to sign email messages at the same time as an +encryption certificate that will be used + to encrypt email messages. See also dual key + pairs, digital signature.
+signing key. + A private key used for signing only. A signing key and its equivalent public + key, together with an encryption key and + its equivalent public key, constitute dual key + pairs.
+slot. A + piece of hardware, or its equivalent in software, that is controlled by a +PKCS + #11 module and designed to contain a security + device.
+smart card. + A small device, typically about the size of a credit card, that contains + a microprocessor and is capable of storing cryptographic information (such as + keys and certificates) and performing cryptographic operations. Smart cards + use the PKCS #11 standard. A smart card + is one kind of security device.
++ software security device. The default +security + device used by Certificate Manager to store private keys associated with + your certificates. In addition to private keys, the software security device + stores the master key used by Password Manager to encrypt email passwords, web + site passwords, and other sensitive information. See also +private + key and master key.
+spoofing. + Pretending to be someone else. For example, a person can pretend to have + the email address jdoe@mozilla.com, or a computer can identify itself + as a site called www.mozilla.com when it is not. Spoofing is one form + of misrepresentation.
+SSL. See Secure + Sockets Layer (SSL).
+Status Bar. The toolbar that appears + at the bottom of any Mozilla window. It includes the Component + Bar on the left and status icons on the right.
+subject. + The entity (such as a person, organization, or router) identified by a +certificate. In particular, the subject + field of a certificate contains the certified entity's subject + name and other characteristics.
+subject + name. A distinguished name (DN) + that uniquely describes the subject of a +certificate.
+subordinate + CA. A certificate authority (CA) + whose certificate is signed by another subordinate CA or by the root CA. See + also certificate chain, root + CA.
++ symmetric encryption. An encryption method that uses a single + cryptographic key to both encrypt and decrypt a given message.
+tamper + detection. A mechanism ensuring that data received in electronic + form has not been tampered with; that is, that the data received corresponds + entirely with the original version of the same data.
+TCP. See Transmission + Control Protocol/Internet Protocol (TCP/IP).
+ +third-party cookie. See foreign + cookie.
+TLS. See Secure + Sockets Layer (SSL).
+token. + See security device.
+ ++ Transmission Control Protocol/Internet Protocol (TCP/IP). A Unix + protocol used to connect computers running a variety of operating systems. TCP/IP + is an essential Internet protocol and has become a global standard.
+trust. + Confident reliance on a person or other entity. In the context of +public-key + infrastructure (PKI), trust usually refers to the relationship between the + user of a certificate and the certificate authority + (CA) that issued the certificate. If you use Certificate Manager to specify + that you trust a CA, Certificate Manager trusts valid certificates issued by + that CA unless you specify otherwise in the settings for individual certificates. + You use the Authorities tab in Certificate Manager to specify the kinds of certificates + you do or don't trust specific CAs to issue.
+ +Uniform Resource Locator (URL). The + standardized address that tells your browser how to locate a file or other resource + on the Web. For example: http://www.mozilla.org. You can type URLs + into the browser's Location Bar to access web pages. URLs are also used in the + links on web pages that you can click to go to other web pages. Also known as + an Internet address or Web address.
+ +web page. A single document on the World + Wide Web that is specified by a unique address or URL and that may contain text, + hyperlinks, and graphics.
+ +web site. A group of related web pages + linked by hyperlinks and managed by a single company, organization, or individual. + A web site may include text, graphics, audio and video files, and links to other + web sites.
+ +World Wide Web. Also known as the + Web. A portion of the Internet that is made up of web pages stored by web servers + and displayed by clients called web browsers (such as + Mozilla).
-[ Return to beginning of Glossary ] +[ Return to beginning of Glossary ]
- - - - + +