Compaq Evo n800c Wireless Security - Page 15

What's in a certificate?



Wireless Security White Paper

Digital Certificates

Digital certificates are electronic files that can be used as unique identifiers for people and resources over networks. A digital certificate binds a user’s identity to a public key, thus establishing trust. Digital certificates can also be used to help secure confidential communication between two parties. A certificate typically includes the following information relating to its owner and to the Certificate Authority (CA) that issued it:

• The name of the holder and other uniquely identifying detail such as the URL of the Web server using the certificate and the holder’s e-mail address
• The holder’s public key, which can be used to encrypt sensitive information for the certificate holder
• The name of the Certification Authority (CA) that issued the certificate
• A serial number
• The validity period (or lifetime) of the certificate (a start and end date)

When the issuing CA creates the certificate, it digitally signs the information on the certificate. The CA’s signature on the certificate is like a tamper-detection seal; any tampering with the contents is easily detected.

Figure 7 illustrates digital certificates.

Figure 7: Digital Certificates (What’s in a certificate?)

Subject DN: cn=Bob Smith, o=ACME, c=US (unique name of owner)
Serial #: 8391037 (unique serial number)
Start: 1/5/97 1:02, End: 7/5/98 1:02 (period of validity)
CRL: cn=CRL2, o=ACME, c=US (revocation information)
SubjectAltName: IP, DNS, email (alternate subject identifiers)
Key: (public key)
CA DN: o=ACME, c=US (name of issuing CA)
CA’s digital signature
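
The tamper-detection property of the CA signature, as an added example that is not part of the white paper: a toy Python model in which a constructed CA key signs certificate fields like those listed above, and a verifier rejects any altered field or a certificate outside its validity period. The JSON encoding, the textbook RSA with small primes, the placeholder key and all function names are assumptions for illustration; real certificates use X.509 DER encoding and padded signature schemes.

```python
import hashlib
import json
from datetime import datetime

# Toy CA key pair: textbook RSA over two Mersenne primes. Illustration only;
# real CAs use 2048-bit+ RSA or ECDSA with a padded signature scheme.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q                            # CA public modulus
D = pow(E, -1, (P - 1) * (Q - 1))    # CA private exponent

def digest(fields):
    """Hash a canonical encoding of the fields (stand-in for the signed DER body)."""
    blob = json.dumps(fields, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(blob).digest(), "big") % N

def ca_sign(fields):
    """CA side: seal the fields with the CA private key."""
    return {"fields": dict(fields), "signature": pow(digest(fields), D, N)}

def verify(cert, now):
    """Relying party: check the seal with the CA public key, then the lifetime."""
    if pow(cert["signature"], E, N) != digest(cert["fields"]):
        return "bad signature"
    start = datetime.fromisoformat(cert["fields"]["not_before"])
    end = datetime.fromisoformat(cert["fields"]["not_after"])
    return "ok" if start <= now <= end else "outside validity period"

def tampered(cert, field, value):
    """Copy of cert with one field changed and the original signature kept."""
    return {"fields": {**cert["fields"], field: value},
            "signature": cert["signature"]}

# Constructed sample modelled on Figure 7 (dates read as month/day/year).
BOB = ca_sign({
    "subject_dn": "cn=Bob Smith, o=ACME, c=US",
    "serial": 8391037,
    "not_before": "1997-01-05T01:02",
    "not_after": "1998-07-05T01:02",
    "crl_dn": "cn=CRL2, o=ACME, c=US",
    "subject_public_key": "constructed-placeholder-key",
    "issuer_dn": "o=ACME, c=US",
})

if __name__ == "__main__":
    print(verify(BOB, datetime(1997, 6, 1)))
    print(verify(BOB, datetime(1999, 1, 1)))
    extended = tampered(BOB, "not_after", "2099-01-01T00:00")
    print(verify(extended, datetime(1999, 1, 1)))
```

Extending the end date on an expired certificate does not help the holder: the altered fields no longer match the CA's signature, so the verifier rejects the certificate before it ever looks at the dates.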