Certificates - The Public Key Infrastructure (PKI)


Public Key Encryption- Enter Alice, Bob, and Charlie:

Enter the:

Certificate Authority (CA)


last modified: thursday, october 16, 2003
(www.webopedia.com)

A trusted third-party organization or company that issues digital certificates used to create digital signatures and public-private key pairs. The role of the CA in this process is to guarantee that the individual granted the unique certificate is, in fact, who he or she claims to be. Usually, this means that the CA has an arrangement with a financial institution, such as a credit card company, which provides it with information to confirm an individual's claimed identity. CAs are a critical component in data security and electronic commerce because they guarantee that the two parties exchanging information are really who they claim to be.


Digital Certificate


last modified: Monday, october 27, 2003
(www.webopedia.com)

an attachment to an electronic message used for security purposes. the most common use of a digital certificate is to verify that a user sending a message is who he or she claims to be, and to provide the receiver with the means to encode a reply. an individual wishing to send an encrypted message applies for a digital certificate from a certificate authority (ca). the ca issues an encrypted digital certificate containing the applicant's public key and a variety of other identification information. the ca makes its own public key readily available through print publicity or perhaps on the internet. the recipient of an encrypted message uses the ca's public key to decode the digital certificate attached to the message, verifies it as issued by the ca and then obtains the sender's public key and identification information held within the certificate. with this information, the recipient can send an encrypted reply. the most widely used standard for digital certificates is X.509.


This Diagram Appears in Ian Curry's Entrust White Paper

Alice, Bob, Charlie, and the CA