What is

Digital Certificate

It is an identity.

It is…

From webopedia An attachment to an electronic message used for security purposes. The most common use of a digital certificate is to verify that a user sending a message is who he or she claims to be, and to provide the receiver with the means to encode a reply. An individual wishing to send an encrypted message applies for a digital certificate from a Certificate Authority (CA). The CA issues an encrypted digital certificate containing the applicant's public key and a variety of other identification information. The CA makes its own public key readily available through print publicity or perhaps on the Internet.attachmentsecurityencryptedCertificate Authority (CA)public keyInternet The recipient of an encrypted message uses the CA's public key to decode the digital certificate attached to the message, verifies it as issued by the CA and then obtains the sender's public key and identification information held within the certificate. With this information, the recipient can send an encrypted reply. From WhatIs.com A digital certificate is an electronic "credit card" that establishes your credentials when doing business or other transactions on the Web. It is issued by a certification authority (CA). It contains your name, a serial number, expiration dates, a copy of the certificate holder's public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. Some digital certificates conform to a standard, X.509. Digital certificates can be kept in registries so that authenticating users can look up other users' public keys.CApublic keydigital signature Definitions

Mess

An electronic

ID card

for Identify

To Identify

You

What can

represent you?

Verbal..

ID card

Driving License

Signature

3

(1)

Uniqueness

(2)

Related to you

ID card

(3)

Authorities

Trust Party

Trust

Authorities

Internet

You

Verbal..

MSN

Trust …no more

E-commerce

Who are You

?

Digital

ID card

Driving License

Digital Signature

Digital Certificate

End section [Background]

System

PKI

(Public Key Infrastructure)

Design

For identify

Digital Signature

Digital Certificate

How it works?

Sender...encrypt…send..his… signature and cert…..to server…CA confirms it.. receiver check…. the..…result…decrypt…get the message..etc.etc.etc…

Example

David

Juno

Junos Private Key

Lese piks S! C! lnestssos

Lets skip CS lessons !!

David

CA (Certificate Authority)

Third Trust Party

CK Company

certificate and a randomly generated data which has encrypted with his private key to the CA The CA will check the certificate with its database and use the public key to decrypt the data. The encrypted data act like a digital signature and can be thought of as evidence provided by the user. So if the certificate is true and the data is decrypted, the user then gets the authentication from the CA.

Old School

Public Private

However…

Efficiency

PKI

C 2

Server

End section [System]

Deeper…

Theory

1.

The encryption

What is

Public Private ?

Sorry.

Covered

End section [Theory]

Last Part

Certificate Authority

How to

Choose

That word again

Trust

- History

- Trustworthy

- Cost

End [Presentation]