digital certificates
DESCRIPTION
For more information visit http://www.presentationat.blogspot.in/ Paper Presentation on:Digital certificatesTRANSCRIPT
A digital certificate is equivalent to an electronic id card.
It serves two purposes:
To establish the identity of the owner of the certificate.
To distribute the owner's public key
Web Server Certificates:
These are the electronic equivalent of a
business license.
It assures potential customers that the site they are visiting is a legitimate business.
Developer Certificates:
These certificates enable developers to sign software and macros and deliver them safely to customers over the Internet.
The customer can be confident that the software or macros are legitimate.
Personal Certificates:These certificates secures e-mail
conversations and access to corporate web servers.
Service Thawte Verisign
Servercertificates
Initial server certificates
$125 $349
Servercertificate renewal
$100 $249
Personal certificates
Class1 Free $14.95
Class2 $20 $14.95
Developer certificates
Initial certificate $200 $100
Renewal $100 $400
How DCs Protect the Data
1. Encryption & Digital Certificates are the solution for Internet Commerce. Used together, they protect your data as it travels over the Internet.
2. Encryption is the process of using a mathematical algorithm to transform information into a format that can't be read (this format is called cipher text). Decryption is the process of using another algorithm to transform encrypted information back into a readable format (this format is called plain text).
3. Digital Certificates are your digital passport, an Internet ID. They are verification of you who you are and the integrity of your data
Digital Certificates Protect & Secure:
Authentication:
This is digital verification of who you are, much in the same way your driver's license proves your identity. It is very easy to send spoofed email.
Integrity:
This is the verification that the data you sent has not been altered. When email or other data travels across the Internet, it routes through various gateways (way stations). It is possible for people to capture, alter, then resend the message.
Encryption:
This ensures that your data was unable to be read or utilized by any party while in transit. Your message is encrypted into incomprehensible gibberish before it leaves your computer. It maintains it encrypted (gibberish) state during it's travel through the Internet. It is not de-crypt until the recipient receives it. Because of the public-key cryptography used (discussed later) only the recipient can decipher the received message, no one else can.
Token verification:
Digital tokens replace your password which can be easily guessed. Tokens offer a more secure way of access to sensitive data. The most common way to secure data or a web site is with passwords. Before anyone access the data, they are prompted with their user login id and password. However, this is easily cracked using various security software (such as Crack 5.0, etc.). Also, passwords can be found with other means, such as social engineering. Passwords are not secure. Token verification is more secure.
Requesting certificates
Certificate Request
To get a certificate, you must send a certificate request to the CA.
It includes the following:
1. The distinguished name of the owner (the user for whom the certificate is being requested).
2. The public key of the owner.
3. The digital signature of the owner.
Contents of a digital certificate :
A certificate contains several pieces of information, including information about the owner of the certificate and the issuing CA. Specifically, a certificate includes:
1. The distinguished name (DN) of the owner. A DN is a unique identifier, a fully qualified name including not only the common name (CN) of the owner, but the owner's organization and other distinguishing information.
2. The public key of the owner.
3. The date on which the certificate was issued.
4. The date on which the certificate expires.
5. The distinguished name of the issuing CA.
6. The digital signature of the issuing CA. (The message-digest function is run over all the preceding fields.)
Digital Certificates provide a way to authenticate communication on the Internet. They come in three flavors: personal, web server, and developer certificates. Personal certificates are primarily used for e-mail.
Universal acceptance and widespread use will depend on the industry’s ability to communicate in understandable terms and the development of a true standard
Four factors
1. Cost
2. Compatibility
3. Perceived need
4. Familiarity
Thank you