Q. What are Digital Certificates?
Digital certificates are the equivalent of a driver's license, a marriage license, or any other form of identity. The only difference is that a digital certificate is used in conjunction with a public key encryption system. Digital certificates are electronic files that simply work as an online passport. Digital certificates are issued by a third party known as a Certification Authority such as VeriSign or Thawte. These third party certificate authorities have the responsibility to confirm the identity of the certificate holder as well as provide assurance to the website visitors that the website is one that is trustworthy and capable of serving them in a trustworthy manner.
Digital certificates have two basic functions. The first is to certify that the people, the website, and the network resources such as servers and routers are reliable sources, in other words, who or what they claim to be. The second function is to provide protection for the data exchanged from the visitor and the website from tampering or even theft, such as credit card information.
A digital certificate contains the name of the organization or individual, the business address, digital signature, public key, serial number, and expiration date. When you are online and your web browser attempts to secure a connection, the digital certificate issued for that website is checked by the web browser to be sure that all is well and that you can browse securely. The web browser basically has a built in list of all the main certification authorities and their public keys and uses that information to decrypt the digital signature. This allows the browser to quickly check for problems, abnormalities, and if everything checks out the secure connection is enabled. When the browser finds an expired certificate or mismatched information, a dialog box will pop up with an alert.
Digital certificates are the equivalent of a driver's license, a marriage license, or any other form of identity. The only difference is that a digital certificate is used in conjunction with a public key encryption system. Digital certificates are electronic files that simply work as an online passport. Digital certificates are issued by a third party known as a Certification Authority such as VeriSign or Thawte. These third party certificate authorities have the responsibility to confirm the identity of the certificate holder as well as provide assurance to the website visitors that the website is one that is trustworthy and capable of serving them in a trustworthy manner.
Digital certificates have two basic functions. The first is to certify that the people, the website, and the network resources such as servers and routers are reliable sources, in other words, who or what they claim to be. The second function is to provide protection for the data exchanged from the visitor and the website from tampering or even theft, such as credit card information.
A digital certificate contains the name of the organization or individual, the business address, digital signature, public key, serial number, and expiration date. When you are online and your web browser attempts to secure a connection, the digital certificate issued for that website is checked by the web browser to be sure that all is well and that you can browse securely. The web browser basically has a built in list of all the main certification authorities and their public keys and uses that information to decrypt the digital signature. This allows the browser to quickly check for problems, abnormalities, and if everything checks out the secure connection is enabled. When the browser finds an expired certificate or mismatched information, a dialog box will pop up with an alert.
I'm currently studying about digital certificates for corporations and have a deep doubt about the degree of their effectiveness.
ReplyDelete