LIS 525 - Certificates

Certificate Authorities

Certificate authorities issue digital certificates and validate the holder's identity and authority. Each certificate contains an individual's or organization's public key and other identifying information and is "signed" cryptographically.

The recipient uses the certificate authority's public key to decrypt the sender's public key attached to the message. The sender's public key is then used to decrypt the actual message (which could only have been encrypted with the sender's private key).

For pointers to some certificate authorities, see

Advantages of Digital Certificates

Installing a digital certificate on your server lets you

If visitors to your site use personal certificates,

Disadvantages

How Server Certificates Work

If you have a digital certificate on the server side, the following series of events occurs when a browser accesses a secure page on your site (often with the https protocol instead of just http):
  1. the server sends the browser the site's digital certificate
  2. the browser generates a unique session key to encrypt all communications with the site
  3. the browser encrypts the session key with the site's public key
  4. the browser sends the encrypted session key to the server
  5. the server decrypts the session key, thus establishing encrypted communication.
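
The five steps above can be walked through with the `openssl` command-line tool. This is an added example, not part of the original course page; it assumes `openssl` is installed, uses a throwaway self-signed certificate for the hypothetical name `www.example.test` in place of one issued by a certificate authority, and the choice of 2048-bit RSA with OAEP padding is an assumption the page does not specify.

```shell
#!/bin/sh
# Added example: steps 1-5 with the openssl CLI, all material constructed locally.
set -eu

handshake_demo() {
    d=$(mktemp -d)
    # Server setup: key pair plus a throwaway self-signed certificate for the
    # hypothetical name www.example.test (stands in for a CA-issued one).
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=www.example.test" \
        -keyout "$d/server.key" -out "$d/server.crt" 2>/dev/null

    # Step 1: the server sends server.crt; the browser reads the public key from it.
    openssl x509 -in "$d/server.crt" -pubkey -noout > "$d/server.pub"

    # Step 2: the browser generates a fresh 128-bit session key.
    openssl rand -out "$d/session.key" 16

    # Step 3: the browser encrypts the session key with the site's public key.
    openssl pkeyutl -encrypt -pubin -inkey "$d/server.pub" \
        -pkeyopt rsa_padding_mode:oaep \
        -in "$d/session.key" -out "$d/session.enc"

    # Step 4: only session.enc crosses the network.
    # Step 5: the server recovers the session key with its private key.
    openssl pkeyutl -decrypt -inkey "$d/server.key" \
        -pkeyopt rsa_padding_mode:oaep \
        -in "$d/session.enc" -out "$d/session.dec"
    if cmp -s "$d/session.key" "$d/session.dec"; then result="match"; else result="mismatch"; fi

    # A party holding a different private key cannot recover the session key.
    openssl genrsa -out "$d/other.key" 2048 2>/dev/null
    if openssl pkeyutl -decrypt -inkey "$d/other.key" \
        -pkeyopt rsa_padding_mode:oaep \
        -in "$d/session.enc" -out "$d/stolen.dec" 2>/dev/null; then
        result="$result wrong-key-accepted"
    else
        result="$result wrong-key-rejected"
    fi
    rm -rf "$d"
    echo "$result"
}

handshake_demo
```

This is the RSA key-transport pattern the list describes; TLS 1.3 no longer uses it and instead agrees on keys with ephemeral Diffie-Hellman, with the certificate used to authenticate the server.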

For More Information



Last updated October 19, 2007.
This page maintained by Prof. Tim Craven
E-mail (text/plain only): craven@uwo.ca
Faculty of Information and Media Studies
University of Western Ontario,
London, Ontario
Canada, N6A 5B7