A digital certificate authenticates the Web credentials of the sender and lets the recipient of an encrypted message know that the data is from a trusted source (or a sender who claims to be one). A digital certificate is issued by a certification authority (CA).
Digital certificates are used with self-signatures and message encryption.
Digital certificates are also known as public key certificates or identity certificates.
A person (sender), who is sending an encrypted message may obtain a digital certificate from a CA to ensure authenticity. The CA issues the digital certificate with the applicant's public key, along with other information such as holder name, serial number, date of expiration and a digital CA signature. It also issues its own public key in the public domain via the Web.
When a Web message is transmitted, a digital certificate serves as an encrypted attachment containing the public key and other relevant identifying data. When the recipient receives the message, the digital certificate is decoded using the CA’s public key. Using various information residing in the digital certificate, the recipient can send an encrypted reply back to the sender.
Digital certificates verify website authenticity and legitimacy. A browser may display an unsafe digital certificate alert but still permit user entry. This warning signals that the website is a threat and security risk.
The most common digital certificate standard is X.509.
0 Comments