3Com WX2200 3CRWX220095A Switch User Manual


 
692 GLOSSARY
PEAP Protected Extensible Authentication Protocol. A draft extension to the
Extensible Authentication Protocol with Transport Layer Security
(EAP-TLS), developed by Microsoft Corporation, Cisco Systems, and RSA
Data Security, Inc. TLS is used in PEAP Part 1 to authenticate the server
only, and thus avoids having to distribute user certificates to every
client. PEAP Part 2 performs mutual authentication between the EAP
client and the server. Compare EAP-TLS.
PEM Privacy-Enhanced Mail. A protocol, defined in RFC 1422 through
RFC 1424, for transporting digital certificates and certificate signing
requests over the Internet. PEM format encodes the certificates on the
basis of an X.509 hierarchy of certificate authorities (CAs).
Base64
encoding is used to convert the certificates to ASCII text, and the
encoded text is enclosed between BEGIN CERTIFICATE and END
CERTIFICATE delimiters.
Per-VLAN Spanning
Tree protocol
See PVST+.
PIM Protocol Independent Multicast protocol. A protocol-independent
multicast routing protocol that supports thousands of groups, a variety
of multicast applications, and existing Layer 2 subnetwork technologies.
PIM can be operated in two modes: dense and sparse. In PIM dense
mode (PIM-DM), packets are flooded on all outgoing interfaces to
many receivers. PIM sparse mode (PIM-SM) limits data distribution to a
minimal number of widely distributed routers. PIM-SM packets are sent
only if they are explicitly requested at a rendezvous point (RP).
PKCS Public-Key Cryptography Standards. A group of specifications produced
by RSA Laboratories and secure systems developers, and first published
in 1991. Among many other features and functions, the standards
define syntax for digital certificates, certificate signing requests, and key
transportation.
PKI Public-key infrastructure. Software that enables users of an insecure
public network such as the Internet to exchange information securely
and privately. The PKI uses public-key cryptography (also known as
asymmetric cryptography) to authenticate the message sender and
encrypt the message by means of a pair of cryptographic keys, one
public and one private. A trusted certificate authority (CA) creates both
keys simultaneously with the same algorithm. A registration authority
(RA) must verify the certificate authority before a digital certificate is
issued to a requestor.