Technical Overview

System Specification & Configuration

The Digi-CA™ system is a complete system containing all of the necessary Operating System [OS], modules, directories and engines required to operate a fully functional CA system.


Security

    Digi-CA™ has been designed by some of the foremost experts in Internet Application Security. All modules are contained in one Linux/Unix-based system. Specific care has been taken in the design of Digi-CA™ to ensure that no outside intrusion can take place and that all the private Keys for the Digi-CA™ are secure (if they are not stored on an HSM).

    To ensure the uniqueness of the keys in the Digi-IDs™, Digi-CA™ uses its own entropy system. Digi-CA™ can create Key lengths of up to 9192 bits. It can also support all key ciphers and signature algorithms.

    Depending on the level of security required, Administrators must be authenticated by either a smart card [Digi-Card™], a USB Token [Digi-Tokens™] and/or a biometric reader.



Encryption

    The entire Digi-CA™ system infrastructure is formed mainly around X.509 certificates, which are produced in accordance with the internationally recognized RFC 2459 standard and maintained in accordance with the internationally recognized RFC 3647 standard.

    The design of a typical X.509 certificate includes the following cryptographic algorithms, which are approved for commercial use by governments and related agencies and institutions around the world.



Signature Algorithms

    The Signature Algorithm uses RSA and DSA. As these algorithms are always used in conjunction with a one-way hash function, the following hash functions can be applied: