Digital Certificates
Digital certificates are the equivalent of a driver’s license, a marriage license, or any other form of identity. The only difference is that a digital certificate is used in conjunction with a public key encryption system. Digital certificates are electronic files that simply work as an online passport. Digital certificates are issued by a third party known as a Certification Authority such as VeriSign or Thawte. These third party certificate authorities have the responsibility to confirm the identity of the certificate holder as well as provide assurance to the website visitors that the website is one that is trustworthy and capable of serving them in a trustworthy manner.
Digital certificates have two basic functions. The first is to certify that the people, the website, and the network resources such as servers and routers are reliable sources, in other words, who or what they claim to be. The second function is to provide protection for the data exchanged from the visitor and the website from tampering or even theft, such as credit card information.
A digital certificate contains the name of the organization or individual, the business address, digital signature, public key, serial number, and expiration date. When you are online and your web browser attempts to secure a connection, the digital certificate issued for that website is checked by the web browser to be sure that all is well and that you can browse securely. The web browser basically has a built in list of all the main certification authorities and their public keys and uses that information to decrypt the digital signature. This allows the browser to quickly check for problems, abnormalities, and if everything checks out the secure connection is enabled. When the browser finds an expired certificate or mismatched information, a dialog box will pop up with an alert.
There are two main types of digital certificates that are important to building a secure website and these are server certificates and personal certificates.
Server Certificates
Server certificates simply allow website visitors to safely transfer their personal information like credit cards and bank account information without worrying about theft or tampering. Server certificates are also responsible for validating the website owners identity so that the visitors can feel as though they are dealing with a legitimate source when creating or inputting passwords, bank account details, or credit card numbers into the website. For any business or website that will require such information, server certificates are an important part of the website building process, one that cannot be skipped or overlooked for any reason. Having a server certificate can be to the website owners advantage because it gives the business an air of professionalism that is not often found when dealing with an e-commerce business where customers have little assurance as to the legitimacy or professionalism of the people that they are dealing with.
Personal Certificates
Personal certificates are a bit different in that they allow you to validate a website visitors identity and even restrict their access to certain portions of the website. You might want to set your website up so that web pages are only available to certain people, and personal certificates can help you do this. Personal certificates can be used for things such as sending and receiving email for private account information like forgotten passwords or username information. Personal certificates are ideal for communications such as providing partners and suppliers controlled access to websites for shipping dates, product availability, and even inventory management.
Security Standards
Most of the standard protocols being widely adopted for electronic communications rely on digital certificates:
- SSL (Secure Sockets Layer), designed by Netscape Communication Corporation, is widely accepted as the basic standard forweb browser and server authentication, and secure data exchange on the Internet. Almost all the major servers and web browsers including Netscape Communicator are optimized to enable SSL encryption, and is the most common type of security seen on the Internet.
- S/MIME (Secure Multipurpose Internet Mail Extensions Protocol) is considered as the basic standard for secure email and EDI (Electronic Data Interchange).
- SET (Secure Electronic Transactions protocol) protects electronic payments from the web visitor to the website operator.
- Internet Protocol Secure Standard (IPSec) verifies networking devices such as servers and routers.
As you can see, digital certificates play an important role in keeping your online experiences safe and secure. It is wise to pay attention to digital certificate dialog alerts that you receive, and that you double check that your connection is secure before you proceed and give someone your personal information.
|
|
Comments (3)
Leave a Reply
- PKI Certificate
A PKI certificate, which stands for Public Key Infrastructure certificate, allows someone to combine their digital signature with a public key and something that identifies them, an example being their real life name. This certificate is used to allow computer users to show that they do own the public keys they claim to. In other [...]...
- Digital Signature
A digital signature is a mathematical technique that is used to validate the authenticity of a message, webpage, or other document. Digital signatures can be used to give the reader reason to believe that the message or document was sent from the party the file claims it was sent from and that the document was [...]...
- Root Certificate
A Root Certificate is a self-signed certificate or an unsigned public key certificate which forms an important part of the PKI (public key infrastructure). The most common commercial type of root certificates is based on the ISO X.509 standard. Such a certificate (a X.509 certificate) usually carries the digital signature of a certification authority (CA), [...]...
- Root Certificate Update
In most enterprise-level public key infrastructure systems, there is a dependence upon certificate chains to verify the identity of a party. When a Certificate Authority (CA) issues a certificate for any party, the legitimacy of that certificate authority must be verified. This is usually done by a higher certificate authority. This higher authority is part [...]...
- X.509
X.509 is an ITU-T (ITU Telecommunication Standardization Sector) standard for PKI (Public Key Infrastructure) in cryptography, which, amongst many other things, defines specific formats for PKC (Public Key Certificates) and the algorithm that verifies a given certificate path is valid under a give PKI (called the certification path validation algorithm). X.509 History X.509 began in [...]...
Nice post. I study one thing more difficult on different blogs everyday. It is going to always be stimulating to read content material from other writers and observe somewhat something from their store. I’d desire to make use of some with the content material on my blog whether you don’t mind. Natually I’ll provide you with a link on your net blog. Thanks for sharing.
Development these days is a competition between computer software designers trying to create larger and much better idiot-proof applications, and the World attempting to make even bigger and superior idiots. Up to now, the Whole world is actually winning
Gracias por la data y encontro un sitio de web se llama, para prestamos y creditos, pero, una pregunta, ustedes saben un otra web site, la informacion es un poco limitado.