
Asami Sato


Digital Certificate


Definition

Digital Certificate, Wikipedia page
Also known as a public key certificate or identity certificate

As more exchanges occur on the internet, security and validity become a major concern for users. One technical safeguard for information security is the use of digital certificates, which are used for identification and encryption purposes. A digital certificate is "a document supplied by a certificate authority (CA) that contains, among other data, an entity's name and public key" (Kroenke, M. David). Certificates can be used to verify the identity of the sender of a message and that the message was unaltered in the sending process; the receiver can then decrypt the message with a public key (Using MIS, Ch 12 slides).


The digital certificate will typically contain the following information:
  • The name and information of the holder
  • Information of the organization that issued the certificate
  • A serial number
  • Date of issue along with its expiration date
  • Copy of the certificate holder's public key

Understanding Digital Certificates Part 1


Certificate Types

There are four types of digital certificates on the internet categorized by Microsoft Support:
  • Personal Certificate: Identifies individuals, which allows secure transactions such as sending a secure e-mail
  • Server Certificate: Identifies servers by verifying their identity to the clients. The X.509 certificate format is used.
  • Software Publisher Certificate: Digitally signs software to be distributed over the internet
  • Certificate Authority Certificate: Root Certification Authority and Intermediate Certification Authority certificates fall in this category
    • Root Certification Authority certificates are self-signed, where "the subject of the certificate is also the signer of the certificate" and "have the ability to sign certificates for Intermediate Certification Authorities."
    • An Intermediate Certification Authority certificate "has the ability to issue server certificates, personal certificates, publisher certificates, or certificates for other Intermediate Certification Authority."

Understanding Digital Certificates Part 2


Certification Process

Robin Wright introduces how the certification process occurs in the YouTube video on the left:
  • The first step is to issue or receive a certificate. Some users will create their own certificate while the majority will use a third party or certificate authority (CA) to issue a certificate.
  • The second step is to apply for the certificate to be registered. Valid identification is usually required and the amount of validation required depends on the type of certificate. Once the request is approved, the certificate will be sent to the CA to be issued.
  • The certificate will be created and issued to the users after this process.
  • After approval, the CA "applies its appropriate signing key to the certificate, effectively signing the public key."




Certificate Expiration

According to Robin Wright, every certificate must have an expiration date, and once it has expired it cannot be used for authentication. However, the user may be sent a reminder of the expiration and prompted to start a renewal. If the user renews the digital certificate, a new certificate will be issued with a new expiration date.
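
The certificate fields, the self-signed property and the expiration check described above can all be inspected with the OpenSSL command-line tool. The script below is an added example, not part of the original page or its sources; it assumes `openssl` is installed, and the certificate (subject `example.test`, 30-day lifetime) is constructed only for this demonstration.

```bash
#!/usr/bin/env bash
set -eu

WORK=$(mktemp -d)                 # scratch directory for the constructed files
trap 'rm -rf "$WORK"' EXIT
CERT="$WORK/cert.pem"

# Create a constructed self-signed certificate that expires in 30 days.
make_cert() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
    -subj "/CN=example.test/O=Example Org" \
    -keyout "$WORK/key.pem" -out "$CERT" 2>/dev/null
}

# Print one field: subject (holder), issuer, serial, dates or pubkey.
cert_field() {
  openssl x509 -in "$CERT" -noout "-$1"
}

# True when the certificate's signature verifies under its own public key,
# i.e. the subject of the certificate is also its signer.
is_self_signed() {
  openssl verify -CAfile "$CERT" "$CERT" >/dev/null 2>&1
}

# True when the certificate will still be unexpired N seconds from now.
valid_in() {
  openssl x509 -in "$CERT" -noout -checkend "$1" >/dev/null
}

make_cert
for f in subject issuer serial dates; do cert_field "$f"; done
cert_field pubkey | head -n 2
is_self_signed && echo "self-signed: subject is also the signer"
valid_in 86400 && echo "still valid 24 hours from now"
valid_in $((60 * 86400)) || echo "will have expired 60 days from now"
```

For a certificate issued by a CA rather than self-signed, the subject and issuer lines differ, and `-CAfile` would point at the CA's certificate instead.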

Sources

  • http://en.wikipedia.org/
  • http://youtube.com/
  • Kroenke, M. David. Using MIS. New Jersey: Prentice Hall, 2011
  • Using MIS, Chapter 12 Lecture slides
  • http://support.microsoft.com/kb/195724

