Rita Rodriguez

DIGITAL CERTIFICATES


To certify something is to verify that it (who or what) is indeed what it claims to be.
A digital certificate, then, verifies that a person or company is the owner listed on it.
This gives permission to utilize or obtain access to information over the internet (YouTube: Understanding Digital Certificates Part I).
 

The information listed on the certificate is:

(according to Microsoft Word 2007's Help Query: Certificates Overview)
  • "The subject's public key value.
  • The subject's identifier information, such as the name and e-mail address.
  • The validity period (the length of time that the certificate is considered valid).
  • The issuer identifier information.
  • The digital signature of the issuer, which attests to the validity of the binding between the subject's public key and the subject's identifier information."

 

 

As a user, you are able to view the certificate. It may look like one of these:

 
[Images. LEFT: print screen from home PC of the Meriwest Credit Union site. RIGHT: http://en.wikipedia.org/wiki/File:Firefox_3_rc1_Extended_Validation_SSL_address_bar_and_certificate_detail.PNG]

    This certificate provides a sense of security that you are dealing with a legit person or company that is authenticated by an authority of certificates, not shockingly called a Certificate Authority (CA). As you can imagine, this is most important when doing transactions; you want to be certain, for example, that you are indeed transferring funds to, say, SJSU's bursar and not a random kid who is now using your tuition to buy their first car.
    The owner of an email address at a specific domain may request a digital certificate, so that the CA may look and verify that the actual owner is receiving the information (Wikipedia: Certificate Authority page). The digital certificate may be purchased, but it is often issued by the CA at no cost, as a service to the public.
    Further, a digital certificate is provided to give protection by encrypting information sent over the internet (YouTube: Understanding Digital Certificates Part I). The CA has a private key that corresponds to the specific public key.
    The digital certificates are not always to be trusted. There have been breaches of security by people essentially pretexting, pretending to represent, say, a company. If the CA has not verified well enough, the pretexter is then able to send emails on behalf of the persona they have taken on, and can fraudulently do business as an inauthentic entity.

    Let's take a look at a common example of how and when a digital certificate is used:

    Say you want to buy your plane ticket for break, so you need to make sure you have enough money on your credit card. You are on your laptop, so you go to the card website, and you note it is secure, with an https address and a locked padlock in the corner. Your credit card company will send their digital certificate to your browser so that it can check if it is certified, assuming you have a stored copy on your computer (if not, it will store it). If it is, you will be prompted to proceed to put in your username and PIN. It will show you your statement and balance, which was decrypted with a unique key. This is a secure transaction based on the digital certificate: it has verified the identification of the owner of the site (credit card company) and the user (you), and allowed your private key to work with their public key to decrypt your statement.
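
The check the browser makes in the scenario above can be reproduced with the openssl command-line tool. This is an added example, not part of the original essay: the two CA names and the site name shop.example.test are constructed, and it assumes openssl is installed.

```shell
#!/bin/sh
# Constructed example: both CA names and shop.example.test are made up for illustration.
set -u
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# make_ca NAME: create a self-signed CA key pair and certificate.
make_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=$1" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.crt" 2>/dev/null
}

# issue_cert CA SUBJECT: the CA signs SUBJECT's name and public key into a certificate.
issue_cert() {
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$2" \
    -keyout "$WORK/$2.key" -out "$WORK/$2.csr" 2>/dev/null &&
  openssl x509 -req -in "$WORK/$2.csr" -days 7 -CAcreateserial \
    -CA "$WORK/$1.crt" -CAkey "$WORK/$1.key" -out "$WORK/$2.crt" 2>/dev/null
}

# show_fields CERT: subject, issuer, validity period and subject public key.
show_fields() {
  openssl x509 -in "$WORK/$1.crt" -noout -subject -issuer -dates -pubkey
}

# is_trusted CA CERT: succeeds only if CERT carries a valid signature from CA
# and today falls inside its validity period.
is_trusted() {
  openssl verify -CAfile "$WORK/$1.crt" "$WORK/$2.crt" >/dev/null 2>&1
}

make_ca example-test-ca          # the CA the "browser" has stored
make_ca other-ca                 # a CA the "browser" has never stored
issue_cert example-test-ca shop.example.test
show_fields shop.example.test
is_trusted example-test-ca shop.example.test && echo "stored CA: accepted"
is_trusted other-ca shop.example.test || echo "unknown CA: rejected"
```

A passing check shows only that the stored CA signed the binding between name and public key; it cannot show whether that CA was misled when it issued the certificate, which is the pretexting failure described earlier.
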
This video summarizes nicely what was discussed:

Understanding Digital Certificates Part 1

SOURCES OF INFORMATION / WORKS CITED:
Microsoft Word 2007 Help, Query: Certificates Overview
Wikipedia:
YouTube: