Why Digital Certificates?
In ordinary life, a certificate is proof of the quality of a service or product. We are used to the idea that if a product or service has a certificate, its high quality is guaranteed by the manufacturer or service provider. Moreover, as employees we encounter certificates or certification when we finish specific trainings or programs or pass exams.
For a company, an employee's certificate is proof that the person has the capabilities and knowledge to solve specific tasks. Here, too, the certificate is a proof of quality.
And what about cryptography? What does a certificate mean there? Why is it called “digital”? An ordinary real-life certificate contains your data (name, surname, date of birth, etc.), data about who issued the certificate, data about what the certificate means and what capabilities its holder possesses, and sometimes the certificate's validity date.
When public key cryptography was created, it allowed many people to exchange their public keys in a secure manner, and it also raised the problem of associating a public key with a person. For example, you receive a public key (a small file with unreadable data) and you have no guarantee that this key belongs to the person who sent it to you. The solution to this problem was introduced almost immediately: the “digital certificate”, which contains your public key, your data (name, surname, date of birth, etc.), data about the possible usage of the public key, and the certificate's validity date. Comparing this with the contents of a real-life certificate listed above, we can see that only one thing is missing: data about the issuer of the certificate. You can still receive a certificate with all of this data, but you cannot be sure that it is true.
The solution to this last issue was the introduction of the certificate authority, which protects a digital certificate with its signature and gives all PKI users the ability not only to read the data about the public key holder but also to be sure that this data has not been altered and has been verified.
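The certificate contents and CA signature described above, as an added example that is not part of the original article: a CA signs the holder's data and public key, and a relying party detects an altered field or an expired certificate using only the CA public key. The field names, the holder and CA names, and the demo CA key (textbook RSA over two well-known Mersenne primes, no padding, insecure by design) are assumptions made for illustration.

```python
import hashlib
import json
from datetime import date

# Constructed demo CA key: textbook RSA over two Mersenne primes.
# Insecure by design (well-known primes, no padding); illustration only.
P, Q = 2**521 - 1, 2**607 - 1
CA_N, CA_E = P * Q, 65537
CA_D = pow(CA_E, -1, (P - 1) * (Q - 1))  # CA private exponent


def digest(fields: dict) -> int:
    """Hash the certificate fields in a canonical (sorted-key) encoding."""
    encoded = json.dumps(fields, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(encoded).digest(), "big")


def issue(fields: dict, issuer: str) -> dict:
    """CA side: add the issuer name and sign everything with the CA private key."""
    body = dict(fields, issuer=issuer)
    return {"body": body, "signature": pow(digest(body), CA_D, CA_N)}


def verify(cert: dict, today: date) -> str:
    """Relying-party side: needs only the CA public key (CA_N, CA_E)."""
    if pow(cert["signature"], CA_E, CA_N) != digest(cert["body"]):
        return "bad signature"
    body = cert["body"]
    if not body["not_before"] <= today.isoformat() <= body["not_after"]:
        return "outside validity period"
    return "ok"


# Constructed holder data; the public key value is a placeholder string.
alice = {
    "subject": "Alice Example",
    "public_key": "ALICE-PUBLIC-KEY-PLACEHOLDER",
    "key_usage": ["digitalSignature"],
    "not_before": "2024-01-01",
    "not_after": "2025-01-01",
}
cert = issue(alice, issuer="Example Demo CA")

# Constructed altered copy: public key replaced, original signature kept.
altered = {"body": dict(cert["body"], public_key="OTHER-KEY-PLACEHOLDER"),
           "signature": cert["signature"]}

if __name__ == "__main__":
    print(verify(cert, date(2024, 6, 1)))     # ok
    print(verify(altered, date(2024, 6, 1)))  # bad signature
    print(verify(cert, date(2026, 1, 1)))     # outside validity period
```

Real certificates use the X.509 format and padded signature schemes; the sketch keeps only the binding of holder data to a public key under the issuer's signature.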
With that, public key infrastructure became complete, and it will help us today and tomorrow to achieve the needed security and confidence in the electronic world of communications. And coming back to the question: why digital? Because it is not printed on paper; a digital certificate is a data sequence that can be viewed only in special software. And don’t worry: currently, almost all daily used programs with support for cryptography also support PKI digital certificates.