- ページ 15

プリンター Xerox Color 1000i PressのPDF セキュリティ・マニュアルをオンラインで閲覧またはダウンロードできます。Xerox Color 1000i Press 45 ページ。 Entry production color presses
Xerox Color 1000i Press にも：設計マニュアル (30 ページ)

ページを印刷する

Xerox® Security Guide for Entry Production Color Class Products

Public Key Encryption (PKI)

A digital certificate is a file that contains data used to verify the identity of the client or server in a network

transaction. A certificate also contains a public key used to create and verify digital signatures. To prove

identity to another product, a product presents a certificate trusted by the other product. The product can

also present a certificate signed by a trusted third party and a digital signature proving that it owns the

certificate.

A digital certificate includes the following data:

• Information about the owner of the certificate

• The certificate serial number and expiration date

• The name and digital signature of the certificate authority (CA) that issued the certificate

• A public key

• A purpose defining how the certificate and public key can be used

There are four types of certificates:

• A Product Certificate is a certificate for which the printer has a private key. The purpose specified in the

certificate allows it to be used to prove identity.

• A CA Certificate is a certificate with authority to sign other certificates.

• A Trusted Certificate is a self-signed certificate from another product that you want to trust.

• A domain controller certificate is a self-signed certificate for a domain controller in your network.

Domain controller certificates are used to verify the identity of a user when the user logs in to the product

using a Smart Card.

For protocols such as HTTPS, the printer is the server, and must prove its identity to the client Web

browser. For protocols such as 802.1X, the printer is the client, and must prove its identity to the

authentication server, typically a RADIUS server.

Device Certificates

Versant® and ColorPress® products support both CA signed and self-signed certificates. Product

certificates support a bit length of up to 2048 bits.

A CA signed certificate can be created by generating a Certificate Signing Request (CSR), and sending it

to a CA or a local server functioning as a CA to sign the CSR. An example of a server functioning as a

certificate authority is Windows Server 2008 running Certificate Services. When the CA returns the signed

certificate, install it on the printer.

Alternatively, a self-signed certificate may be created. When you create a Product Certificate, the product

generates a certificate, signs it, and creates a public key used in SSL/TLS encryption.

Device Certificates

Certificate Length

Supported Hashes

Product Web Server

IPPS (TLS) Printing

802.1X Client

Email Signing

Email Encryption

OCSP Signing

IPSec

March 2019

Versant® 80/180 Press Versant® 2100/3100

Press

Versant 80 Press, Versant

Versant 2100 Press,

180 Press

Versant 3100 Press

1024, 2048

SHA1, SHA256

SHA256, SHA384,

SHA512

Supported

(Not Applicable)

Supported

(Not Applicable)

Supported

Color 800/100 Press®

Color 800/1000 Presses,

Color 800i/1000i Presses

1024, 2048

SHA256, SHA384,

SHA512

Supported

(Not Applicable)

Supported

Page 3-13