DefinitionDigital Certificate, Wikipedia page
Also known as a public key certificate or identity certificate
As more exchanges occur on the internet, security and validity becomes a major concern for its users. One way for technical information security is the use of digital certificates. They are used for identification and encryption purposes. Digital Certificate is "a document supplied by a certificate authority (CA) that contains, among other data, an entity's name and public key" (Kroneke, M. David). They can be used to ensure the identity of the sender of the message and was unaltered in the sending process; the receiver can then decrypt the message with a public key (Using MIS, Ch 12 slides).The digital certificate will typically contain the following information:
- The name and information of the holder
- Information of the organization that issued the certificate
- A serial number
- Date of issue along with its expiration date
- Copy of the certificate holder's public key
Certificate TypesThere are four types of digital certificates on the internet categorized by Microsoft Support:
- Personal Certificate: Identifies individuals which allows secure transactions such as sending a secure e-mail
- Server Certificate: Identifies servers by verifying its identity to che orlients. X.509 certificate format is used.
- Software Publisher Certificate: Digitally signs softwares to be distributed over the internet
Authority certificate: Root Certification Authorities and Intermediate
Certification Authorities are Certificate Authority certificates
certification are self-signed, where "the subject of the certificate is
also the signer of the certificate" and "have the ability to sign
certificates for Intermediate Certification Authorities."
Certification "has the ability to issue server certificates, personal
certificates, publisher certificates, or certificates for other
Intermediate Certification Authority."
Certification ProcessRobin Wright introduces how the certification process occurs in the YouTube video in the left:
- The first step is to issue or receive a certificate. Some users will create their own certificate while the majority will use a third party or certificate authority (CA) to issue a certificate.
- The second step is to apply for the certificate to be registered. Valid identification is usually required and the amount of validation required depends on the type of certificate. Once the request is approved, the certificate will be sent to the CA to be issued.
- The certificate will be created and issued to the users after this process.
- After approval, the CA "applies its appropriate signing key to the certificate, effectively signing the public key."
Certificate ExpirationAccording to Robin Wright, every certificate must have an expiration date and once it has expired, it cannot be used for authentication. However, the user may be sent a reminder of the expiration and to start a renewal. If the user renews the digital certificate, a new certificate will be issued with a new expiration date.
- Kroenke, M. David. Using MIS. New Jersey: Prentice Hall, 2011
- Using MIS, Chapter 12 Lecture slides