FAQ about certificates
Why are certificates used?
In an electronic environment it is not possible to recognise
users face-to-face. This means that users (and servers) of a secure
system must have an electronic identity. This can be done with
the help of certificates.
What are certificates?
A certificate is information presented in a standard format.
This information is used to bind the owner to their public key.
This combined information can be used as an electronic identity
proof. Certificates are created by a trusted party, a CA (Certification
Authority), by using the defined security policies.
Where are certificates used?
Certificates are used in strong authentication, data encryption
and electronic signatures. Certificates can also be used to bind
information to the owner of the certificate.
Practical applications include:
- Strong authentication for secure data transfer mechanisms
(VPN+SSH)
- Secure email: electronically signed and encrypted email (S/MIME)
- Smart card-based system sign-on
- Improved web security for users and servers (SSL certificates)
- Ensuring non-repudiation of documents with an electronic
signature
- Other uses: Mobile certificates, signing of biometrical data,
integration to companies’ internal information management
(IIM), anti-spamming operations
|
