A digital certificate is a credential that identifies the holder of the certificate. In a physical context, it could be the identification card that a customer may need to produce to prove his identity. Such a card carries the useful details as well as who the issuer of the card is. The recipient frequently attaches different levels of trust to the credential, depending on who the issuer is. A card that one has obtained from a video club is never as credible as a driving license.
A digital certificate is an electronic credential that is issued by a certificate authority (CA) to prove the identity of the holder. The other party to the communication trusts the holder of the certificate and has confidence in the integrity of the information because he trusts the issuing certificate authority.
For secure online communication, we need a pair of encryption keys, one of which is called the private key and the other the public key.
A digital certificate is the wrapper for the public key that parties to the communication obtain from a certificate authority.
Once the certificate is installed and secure communication is required, public keys are forwarded to the counterparts.
In addition to the public key, the certificate includes information about the encryption algorithm (RSA is generally used) that should be used in conjunction with the key, the key length, the issuing certificate authority, the issue and expiry dates, etc.
An applicant applies to the authority for the certificate. Ideally, the credentials and integrity of the applicant should be verified by the authority before the certificate is issued. However, another piece of information that a certificate may include is the level of trust in the certificate, or class of certificate. This depends on the rigour of verification, which could vary from simply issuing the certificate upon application to demanding the physical presence of the applicant or his representative and the relevant credentials for examination before the certificate is issued. The digital certificate is forwarded to the applicant online in a secure manner. The certificate is encrypted by the authority using the authority's private key and forwarded to the applicant along with the authority's public key. The applicant decrypts the certificate using the authority's public key and installs it on his computer. The fact that the certificate decrypts with the authority's public key proves that it has come from the trusted authority.
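
The issue-and-verify step described above, as an added example that is not part of the original notes: real CAs apply the private key to a hash of the certificate fields (a digital signature) rather than to the whole certificate, and the code below does the same with textbook RSA. The toy key, the field names and all sample values are assumptions constructed for illustration.

```python
import hashlib

# Toy CA key pair, constructed for this example. Mersenne primes keep the
# code short; they are NOT suitable for real keys.
P, Q = 2**127 - 1, 2**521 - 1
CA_N = P * Q                                  # public modulus
CA_E = 65537                                  # public exponent
CA_D = pow(CA_E, -1, (P - 1) * (Q - 1))       # private exponent, held only by the CA


def digest(fields: dict) -> int:
    """SHA-256 over a deterministic encoding of the certificate fields."""
    encoded = "\n".join(f"{k}={fields[k]}" for k in sorted(fields)).encode()
    return int.from_bytes(hashlib.sha256(encoded).digest(), "big")


def ca_issue(fields: dict, d: int = CA_D, n: int = CA_N) -> dict:
    """CA side: apply the private key to the digest of the fields."""
    return {"fields": dict(fields), "signature": pow(digest(fields), d, n)}


def verify(cert: dict, e: int = CA_E, n: int = CA_N) -> bool:
    """Recipient side: apply the CA's public key, compare with a fresh digest."""
    return pow(cert["signature"], e, n) == digest(cert["fields"])


# Constructed sample fields, mirroring the contents listed in the text.
FIELDS = {
    "subject": "shop.example.test",
    "public_key": "constructed-placeholder-key",
    "algorithm": "RSA",
    "key_length": 2048,
    "issuer": "Toy Example CA",
    "not_before": "2024-01-01",
    "not_after": "2025-01-01",
}

genuine = ca_issue(FIELDS)

# Same signature, but one field altered after issue.
tampered = {"fields": {**FIELDS, "subject": "other.example.test"},
            "signature": genuine["signature"]}

# Issued with a different private key than the trusted CA's (also constructed).
P2, Q2 = 2**89 - 1, 2**607 - 1
other_issuer = ca_issue(FIELDS, pow(CA_E, -1, (P2 - 1) * (Q2 - 1)), P2 * Q2)

if __name__ == "__main__":
    for name, cert in [("genuine", genuine), ("tampered", tampered),
                       ("other issuer", other_issuer)]:
        print(f"{name:13} verifies with CA public key: {verify(cert)}")
```

Only the certificate issued with the trusted CA's private key and left unmodified verifies; a changed field or a different issuing key both fail the check against the CA's public key.
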
In the context of online commerce, certificates enable trusted communication and resolve the issue of trust in a network environment. Network security is a major requirement of electronic commerce to the extent that customer trust is treated as a commodity and one that is vital for the success of online business.
How can you tell if a Website is using a digital certificate?
How does a browser decide whether or not to trust a certificate?
An organisation obtains a certificate for its Web server. Is the certificate tied to an IP address?
An organisation has a number of departments. Does it need to obtain a certificate for each of the departments? What is the strategy for certification of various computers within the organisation?
Roughly how much does a certificate cost?
Go to http://www.barnesandnoble.com. What are their digital certificate details?