Digital Certificate
A digital certificate is a form of secure identification. You most often see them in electronic commerce, but they can be used in any situation where identity must be verified.
The basis of digital certificate security is public/private key encryption technology. An encryption key is a long sequence of characters used to "key" encryption software. Each key is unique and linked to its owner. In public/private encryption each key comes in two parts: a public part and a private part. Whatever one part encrypts, the other part decrypts. As the name implies, you keep the private part of your key on your computer and never give anyone access to it. The public part you can freely distribute to anyone.
When someone (or some other computer) wants to exchange secure data with you or your computer, it first obtains your public key (the public key is part of your digital certificate). If desired, the other computer can take this public key and check it with the certificate-issuing authority to make certain you are who it thinks you are. That computer then encrypts its message to you using your public key and sends it. When the message arrives, your computer uses your private key to decrypt it (that is the only key that will decrypt it).
If the two computers need to communicate further, more is needed (if your computer simply encrypted a return message using your private key and sent it, then anyone holding your public key could read the contents!). Instead...
- On contact, a secure server sends out the digital certificate to verify identity and provide the public key.
- The contacting browser generates a unique "session key" to control further encryption needs. This session key is encrypted using the public key and sent. Only the server's private key can decrypt this message.
- A secure session is established (usually indicated by a padlock icon on a status bar) using the session key which is discarded when the session ends. (Note: Some session keys might be kept in memory cache so if you are on a shared computer be certain to clear all internet caches before leaving the computer after running a secure session.)
A certificate typically contains your identification, a serial number, an expiration date, a copy of your public key, and a digital signature from the certificate-issuing authority. This signature is what is used to verify that the certificate is valid.
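As an added example (not part of the Computer Knowledge page), the exchange described above carried through in Python: a certificate-issuing authority signs a certificate carrying the server's public key, the browser verifies that signature and wraps a fresh session key with the public key, and only the server's private key unwraps it. Textbook RSA on constructed Mersenne primes, the "shop.example" certificate fields and the SHA-256 keystream are illustrative assumptions, not a real certificate format or TLS.

```python
import hashlib
import secrets

E = 65537  # common public exponent

def make_keypair(p, q):
    """Textbook RSA from two primes; returns (public, private). Toy sizes, not a real key."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def rsa(key, m):
    """One operation serves both directions: what one half of the key does, the other undoes."""
    n, exp = key
    return pow(m, exp, n)

def digest(data):
    # Truncated to 64 bits so the value always fits below the toy moduli used here.
    return int.from_bytes(hashlib.sha256(data).digest()[:8], "big")

def issue_certificate(ca_private, subject, serial, expires, subject_public):
    """The issuing authority signs the certificate body with its private key."""
    cert = {"subject": subject, "serial": serial, "expires": expires, "public_key": subject_public}
    cert["signature"] = rsa(ca_private, digest(repr(sorted(cert.items())).encode()))
    return cert

def verify_certificate(cert, ca_public):
    """Anyone holding the authority's public key can check the signature; any edit breaks it."""
    body = {k: v for k, v in cert.items() if k != "signature"}
    return rsa(ca_public, cert["signature"]) == digest(repr(sorted(body.items())).encode())

def client_hello(cert, ca_public):
    """Browser side: verify the certificate, then wrap a fresh session key with the server's public key."""
    if not verify_certificate(cert, ca_public):
        raise ValueError("certificate signature does not verify")
    session_key = secrets.randbits(64)
    return session_key, rsa(cert["public_key"], session_key)

def session_encrypt(session_key, counter, data):
    """Symmetric step for the session: XOR with a SHA-256 keystream (toy; up to 32 bytes per call)."""
    stream = hashlib.sha256(session_key.to_bytes(8, "big") + counter.to_bytes(4, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

# Constructed keys: Mersenne primes 2^89-1, 2^107-1 (authority) and 2^31-1, 2^61-1 (server).
CA_PUB, CA_PRIV = make_keypair(2**89 - 1, 2**107 - 1)
SERVER_PUB, SERVER_PRIV = make_keypair(2**31 - 1, 2**61 - 1)
CERT = issue_certificate(CA_PRIV, "shop.example", 1001, "2006-12-31", SERVER_PUB)

def run_handshake():
    """Returns whether both sides hold the same session key, and a round-tripped message."""
    client_key, wrapped = client_hello(CERT, CA_PUB)
    server_key = rsa(SERVER_PRIV, wrapped)          # only the private half unwraps it
    boxed = session_encrypt(client_key, 1, b"card number 4111")
    return client_key == server_key, session_encrypt(server_key, 1, boxed)
```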
Last Changed: Thursday, January 26, 2006
