Introduction of Digital Signature Certificate

 

Digital certificates are the digital equivalent (i.e. electronic format) of physical or paper certificates. Examples of physical certificates are driver s licenses, passports or membership cards. Certificates serve as identity of an individual for a certain purpose, e.g. a driver s license identifies someone who can legally drive in a particular country. Likewise, a digital certificate can be presented electronically to prove your identity or your right to access information or services on the Internet.

 

Why should I trust a digital certificate’s contents?
The same reason you trust what is stated in a driver s license: endorsement by the relevant authority (Department of Transport) in the form of a difficult to forge signature or stamp of approval. Digital certificates are endorsed in a similar manner by a trusted authority empowered by law to issue them, appropriately known as the Certifying Authority or CA. The CA is responsible for vetting all applications for digital certificates, and once satisfied, "stamps" its difficult to forge digital signature on all the digital certificates it issues, attesting to their validity.

 

What can I use digital certificates for?
Three uses are outlined here. Your digital certificate could be used to allow you to access membership-based web sites automatically without entering a user name and password. It can allow others to verify your "signed" e-mail or other electronic documents, assuring your intended reader(s) that you are the genuine author of the documents, and that the content has not been corrupted or tampered with in any way. Finally, digital certificates enables others to send private messages to you: anyone else who gets his/her hands on a message meant for you will not be able to read it.

 

How important is the use of digital certificates to me?
Digital certificates and the CA are just two elements of the Public Key Infrastructure (PKI), an overall Internet security system. Once the PKI is operational, everyone who has a digital certificate can be traced and held accountable for their actions. Consequently, uses for the Internet, which could not be fully realized before, will finally take off: electronic banking and commerce (funds transfer, buying and paying on-line), on-line transactions with government agencies (applying for and renewing ICs, licenses, paying fines and bills), and on-line transactions between businesses. The day when the only way to do some of these transactions is through the Internet may not be too far off. Everyone who wants to be part of it will need digital certificates.

 

What different kinds of digital certificates are there?
Digital Certificates can be categorized into Server certificates and Personal certificates. The differences lie in the information they contain and who they identify. What are personal certificates? Personal certificates serve to identify a person. It follows that the contents of this type of certificate include the full name and personal particulars of an individual. Among other uses of personal certificates some are: Secure e-mail correspondence, and Enhanced access control to sensitive or valuable information.

 

What are server certificates?
Server certificates identify a server (computer). Hence, instead of a name of a person, server certificates contain the host name e.g. "https://nicca.nic.in/ ". Server certificates are used to ensure that on-line transactions are secure.