Digital Certificate

 

Digital certificate

 

A digital certificate is an electronic “credit card” that establishes your credentials when doing business or other transactions on the Web. It is issued by a certification authority (CA). It contains your name, a serial number, expiration dates, a copy of the certificate holder’s public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. Some digital certificates conform to a standard, X.509. Digital certificates can be kept in registries so that authenticating users can look up other users’ public keys.

In other words Digital certificates are the digital equivalent (i.e. electronic format) of physical or paper certificates. Examples of physical certificates are driver’s licenses, passports or membership cards. Certificates serve as identity of an individual for a certain purpose, e.g. a driver’s license identifies someone who can legally drive in a particular country. Likewise, a digital certificate can be presented electronically to prove your identity or your right to access information or services on the Internet.

 

Need of Digital certificate

 

  • Asymmetric key cryptography can be a very good solution , but the exchange of public key between two parties is also a problem & this problem was solved by an idea of “Digital Certificate”

 

Certificate Creation Steps

Certificate Creation Stapes

Step -1 Key Generation

a)       The end user can create his own private key & public key pair using some s/w . He then send the public key along with other information & proof about himself to R.A

b)       Or alternatively RA generates the private as well as public key pair for user. (This happens in case when the user is not aware of generation of keys)

Step- 2 Registration

  • When user creates his own keys ,then he send the public key along with other information & proof about himself to R.A in a provided s/w wizard .
  • Note that he keeps his private key as private only.
  • After this he gets a requested identifier for tracking the progress of certificate request

Step 3- Verification

  • After registration process is complete RA has to verify user’s identification

a)       RA verifies the proof like address proof, email-id, ph.no, Passport /driving license…etc

b)       Then he verifies private key of user by

- RA can demand at the time of sending the proof the user must send those with digital signature . If RA can verify the signature by using user’s public key ,so that RA can believe on private key of user

-  Alternatively RA can encrypt documents with User’s public key & send to user , which will decrypt its own private key

Step -4 Certificate creation

Assuming that all steps so far have been successfully ,
RA passes those documents to CA & CA will creates digital certificate in X.509 format.

CA send this certificate to user or user can download it from
CA’s site

 

 

 

 

Registration


A password will be e-mailed to you.

Feedback Form

Name (required)

Email (required)

Feedback