Friday, September 24, 2010

digital certificates, keys, and message validation

I've been exploring digital certificates a little more in depth this week. They're basically analogous to a "driver's license" in the digital domain.

A driver's license lets you validate who you are (e.g., a face to a name, your age, etc.) to an authority who wants to authenticate and authorize you (perhaps a policeman or a doorman), based on their trust in the authority that issued your license, usually the DMV. Because the license is hard to duplicate and has a recognizable format (laminated, with your photo, a magnetic strip and/or watermarks), the issuing authority has provided strong backing validation when you present your license to third parties like a policeman or other authority figure. Trust and authentication are therefore, hopefully, maintained when you use a license.

An equivalent type of license that validates who you are over the Internet is called a digital certificate. Although it might not validate your age, it does help validate a message or document that you send along with it to the recipient.

Obviously, a driver's license exposes a lot of private information when viewed: photo, age, address, etc. You keep that information private by keeping the license in your wallet. Digital certificates don't carry the same information. Like a driver's license, they provide some identity information about who the individual or server is, but unlike a driver's license a digital certificate also provides a mechanism to encrypt an exchange (a transaction) between a client and a server, and the certificate itself can be encrypted too.

And since sensitive transactions happen over the Internet, where a sophisticated individual can intercept your credit card information, encryption needs to happen at almost every stage of a transaction (depending on your level of need).

In this case, a digital certificate is used by a server to authenticate itself to a client browser. Amazon, for example, sends your browser a digital certificate to authenticate itself and then encrypts your shopping cart transaction, etc.
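The analogy above, worked through in code as an added example (not from the original post), using only Go's standard library: a toy certificate authority plays the DMV and issues a certificate to a server; the client side then does the two checks a browser does, verifying that the certificate chains to a trusted root and names the host it meant to reach, and verifying a document signed with the private key that belongs to the certificate. The hostname `shop.example.test`, the CA name and the order text are constructed for illustration.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// newCert signs template with signerKey under parent and parses the result.
// For a self-signed root, template and parent are the same certificate.
func newCert(template, parent *x509.Certificate, pub any, signerKey crypto.Signer) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, template, parent, pub, signerKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// IssueChain plays the DMV: it creates a self-signed root CA and uses it to issue
// a server certificate for the constructed hostname "shop.example.test".
func IssueChain() (*x509.Certificate, *x509.Certificate, *ecdsa.PrivateKey, error) {
	now := time.Now()
	caKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, nil, err
	}
	caTmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "Example Root CA"},
		NotBefore:             now.Add(-time.Hour),
		NotAfter:              now.Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}
	caCert, err := newCert(caTmpl, caTmpl, &caKey.PublicKey, caKey)
	if err != nil {
		return nil, nil, nil, err
	}
	srvKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, nil, err
	}
	srvTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2),
		Subject:      pkix.Name{CommonName: "shop.example.test"},
		DNSNames:     []string{"shop.example.test"},
		NotBefore:    now.Add(-time.Hour),
		NotAfter:     now.Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	srvCert, err := newCert(srvTmpl, caCert, &srvKey.PublicKey, caKey)
	if err != nil {
		return nil, nil, nil, err
	}
	return caCert, srvCert, srvKey, nil
}

// VerifyServerCert is the browser-side check: the leaf must chain to a root the
// client already trusts, be valid for server authentication, and carry the
// hostname the client intended to talk to. A nil error means "accepted".
func VerifyServerCert(leaf, trustedRoot *x509.Certificate, host string) error {
	roots := x509.NewCertPool()
	roots.AddCert(trustedRoot)
	_, err := leaf.Verify(x509.VerifyOptions{
		Roots:     roots,
		DNSName:   host,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	})
	return err
}

// SignMessage is what the certificate holder does with a document it sends
// along: hash it and sign the hash with the private key matching the cert.
func SignMessage(key *ecdsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return ecdsa.SignASN1(rand.Reader, key, digest[:])
}

// VerifyMessage is the recipient's side: the public key carried inside the
// (already verified) certificate must validate the signature over the document.
func VerifyMessage(cert *x509.Certificate, msg, sig []byte) bool {
	pub, ok := cert.PublicKey.(*ecdsa.PublicKey)
	if !ok {
		return false
	}
	digest := sha256.Sum256(msg)
	return ecdsa.VerifyASN1(pub, digest[:], sig)
}

func main() {
	ca, srv, key, err := IssueChain()
	if err != nil {
		panic(err)
	}
	order := []byte("order 42: 1x book, total 19.99") // constructed document
	sig, _ := SignMessage(key, order)
	fmt.Println("chain ok:", VerifyServerCert(srv, ca, "shop.example.test") == nil)
	fmt.Println("wrong host rejected:", VerifyServerCert(srv, ca, "other.example.test") != nil)
	fmt.Println("signature ok:", VerifyMessage(srv, order, sig))
	fmt.Println("tampered rejected:", !VerifyMessage(srv, []byte("order 42: 1x book, total 1.99"), sig))
}
```

The two checks are deliberately separate: chain verification answers "was this license issued by a DMV I trust, and is it the license for the place I meant to visit?", while signature verification answers "was this particular document produced by whoever holds the key behind that license?". Changing a single character of the signed order makes the second check fail, and presenting the certificate for a different hostname makes the first one fail.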
