Digital Certificates

The digital equivalent of an ID card used in conjunction with a public key encryption system. Also called digital IDs, digital certificates are issued by trusted third parties known as certification authorities (CAs), such as VeriSign, Inc., Mountain View, CA (www.verisign.com), after verifying that a public key belongs to a certain owner. The certification process varies depending on the CA and the level of certification. Driver's licenses, notarization and fingerprints are examples of the documentation required.

The digital certificate is actually the owner's public key that has been digitally signed by the CA. The digital certificate is sent along with an encrypted message to verify that the sender is truly the entity identifying itself in the transmission. The recipient uses the public key of the CA, which is widely publicized, to decrypt the sender's public key attached to the message. Then the sender's public key is used to decrypt the actual message.

The most vulnerable aspect of this method is the CA's private key, which is used to digitally sign a public key and create a certificate. If the CA's private key is uncovered, then false digital certificates can be created.

The digital certificate contains the following data:

owner name, company and address
owner public key
owner certificate serial number
owner validity dates
certifying company ID
certifying company digital signature
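
The following is an added example, not part of the original article: a CA signs the fields listed above and a recipient checks that signature using only the CA's public key. It uses textbook RSA over two small fixed primes purely for illustration (real certificates use X.509 with padded signatures and much larger keys); all field names and sample values are constructed.

```python
import hashlib
import json

# Toy CA key pair (textbook RSA over two Mersenne primes), for illustration only.
P, Q = 2**61 - 1, 2**89 - 1
CA_N, CA_E = P * Q, 65537                      # CA public key, widely published
CA_D = pow(CA_E, -1, (P - 1) * (Q - 1))        # CA private key, must stay secret


def _digest(fields):
    """Hash the certificate fields in a canonical order, reduced to fit the toy modulus."""
    encoded = json.dumps(fields, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(encoded).digest(), "big") % CA_N


def issue(fields, ca_private=CA_D):
    """CA side: sign the fields and return the certificate."""
    return {**fields, "ca_signature": pow(_digest(fields), ca_private, CA_N)}


def verify(cert):
    """Recipient side: check the CA signature using only the CA public key."""
    fields = {k: v for k, v in cert.items() if k != "ca_signature"}
    return pow(cert["ca_signature"], CA_E, CA_N) == _digest(fields)


# Constructed sample values (hypothetical field names mirroring the list above).
alice = {
    "owner": "Alice Example, Example Corp, 1 Example Street",
    "owner_public_key": "constructed-public-key-A",
    "serial_number": 1001,
    "valid_from": "2024-01-01",
    "valid_to": "2025-01-01",
    "ca_id": "Example CA",
}

cert = issue(alice)
# Changing any signed field after issuance invalidates the CA signature.
swapped = {**cert, "owner_public_key": "constructed-public-key-B"}
# A certificate signed with a copy of the CA private key is indistinguishable
# to the recipient, which is why that key is the most sensitive asset.
rogue = issue({**alice, "owner_public_key": "constructed-public-key-B", "serial_number": 1002})

if __name__ == "__main__":
    print("genuine certificate verifies:", verify(cert))
    print("certificate with swapped key verifies:", verify(swapped))
    print("certificate signed with a copied CA key verifies:", verify(rogue))
```

The third result is the reason CA signing keys are kept offline or in hardware security modules: verification alone cannot tell a legitimately issued certificate from one produced with a copied key.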
