How does a Digital Signature Certificate work
One of the major challenges facing consultants today is maintaining a level of hign security of leading and emerging technologies, beyond the superficial or buzzword level. We need to develop a level of understanding that allows us to communicate effectively.
A Digital Signature Certificate explicitly associates the identity of an individual/device with a pair of electronic keys – public and private keys – and this association is endorsed by the CA. The certificate contains information about a user’s identity.
These public and private keys complement each other in that one does not function in the absence of the other. They are used by browsers and servers to encrypt and decrypt information regarding the identity of the certificate user during information exchange processes. The private key is stored on the user’s computer hard disk or on an external device such as a token. The user retains control of the private key; it can only be used with the issued password.
The public key is disseminated with the encrypted information. The authentication process fails if either one of these keys in not available or do not match. This means that the encrypted data cannot be decrypted and therefore, is inaccessible to unauthorized parties.