1. What Is a Digital Certificate?
A digital certificate is a virtual “identity card”, allowing the identification without ambiguity on the Internet.
Digital Certificates and the PKI technology offer the guarantee that a certain person, a machine or a web server made a certain action on the Internet.
Such guarantee is ensured by the fact that the certificate is electronically signed by a Certification Authority, whose certificate is, in its turn, signed by another Certification Authority, thus the so-called “trust chain or hierarchy” being created.
Digital Certificates and the PKI technology offer the guarantee that a certain person, a machine or a web server made a certain action on the Internet.
Such guarantee is ensured by the fact that the certificate is electronically signed by a Certification Authority, whose certificate is, in its turn, signed by another Certification Authority, thus the so-called “trust chain or hierarchy” being created.
2. Which Is the Use of a Digital Certificate?
A series of applications may use a digital certificate aiming at the implementation of the following security principles:
- Identification and Authentication
- Persons or objects (machines, software applications) are identified and authenticated;
- E-mails, files, computer programs or software components can be authenticated;
- Integrity
- Certainty that data have not been modified without granted authorization.
- Non-Repudiation
- The indisputable proof of data origin, data receiving or the moment of an action being made is granted.
- Confidentiality
- Stored or transiting data are encrypted in order to ensure that unauthorized persons will not access them.
3. Which Is the Validity Period of a Digital Certificate?
The validity period of a digital certificate is of one year. After one year, the certificate may be renewed.
4. What is a Server Certificate?
It is a digital certificate ensuring the identity and the authenticity of a website. SSL certificate guarantees the confidentiality and the integrity of the data belonging to the users of e-trade, e-banking sites and any other type of site, which is sensitive to its clients’ data security.
5. How Does Server Certificate Protect me Against the “Phishing” Type Attacks?
A “phishing” type attack implies the duplication of a website belonging to a recognized entity (ex. a bank) and its usage in order to obtain confidential information from the users (personal data, bank accounts, PIN codes etc.). By using the server certificates, this type of attack is not possible anymore.
6. What Is PKI?
It defines the architecture, techniques, practices and procedures collectively contributing at the implementation and operation of the cryptographic systems using public keys, based on digital certificates.
PKI consists of hardware and software, databases, network resources, security procedures and legal obligations, joined and collaborating to supply and implement both certification services and other services associated to the infrastructure (ex. supply of time stamp).
PKI consists of hardware and software, databases, network resources, security procedures and legal obligations, joined and collaborating to supply and implement both certification services and other services associated to the infrastructure (ex. supply of time stamp).
7. What is an Electronic Signature?
It is a data package containing the user’s identification data as integrated in the documents and/or messages sent via the Internet.
8. Which is the Difference between the Signing and the Encryption of the Electronic Documents?
The electronic message security relies on 4 essential principles: authenticity, integrity, non-repudiation and confidentiality.
Electronic signature ensures the achievement of the first 3 principles. Documents content is always clearly signed. Electronic signature ensures you that any modification of the document is detectable. Likewise, you get the guaranty of its origin and authenticity.
Encryption ensures only the data confidentiality. Only authorized persons may view the encrypted data.
Electronic signature ensures the achievement of the first 3 principles. Documents content is always clearly signed. Electronic signature ensures you that any modification of the document is detectable. Likewise, you get the guaranty of its origin and authenticity.
9. How Does the Encryption of Electronic Documents Function?
The encryption of electronic documents offers the guarantee that they may be viewed only by authorized persons.
10. What Is a Time Stamp?
The time stamp is a data package associated to a document aiming to guarantee its existence in a certain form, at a certain moment.
11. How Does the Time Stamp Function?
The process of time marking of an electronic document implies the transmission to the time stamping server of the related document unique identifier (ex. its cryptographic summary).
The time stamping server adds, to the respective identifier, information about time coordinates and an order number; all process concludes with a digital signature applied to these data.
The time stamping server adds, to the respective identifier, information about time coordinates and an order number; all process concludes with a digital signature applied to these data.
12. What Is a Certification Authority?
A certification authority represents a complex system composed by software and hardware applications as well as security procedures and rules. All these have the role of ensuring the issuance and management, under the best security conditions, of the certification authority digital certificates.
13. What Is a Trust Chain?
When you check an electronic signature, one of the most important aspects is to check the digital certificate of the user who made that electronic signature.
To do this you need all the certificates of the certification authorities under which the respective certificate was issued. For example, in the case of checking a qualified digital certificate issued by certSIGN, you need the root certificate of certSIGN under which all certSIGN certificates have been issued and the certificate of the certification authority issuing qualified certificates.
To do this you need all the certificates of the certification authorities under which the respective certificate was issued. For example, in the case of checking a qualified digital certificate issued by certSIGN, you need the root certificate of certSIGN under which all certSIGN certificates have been issued and the certificate of the certification authority issuing qualified certificates.
14. Which Are the Steps to be made in order to obtain a Digital Certificate?
1. Registration
Use the standard form to send us the request for a digital certificate. We make sure you that the data you have transmitted to us arrive here and are kept under the best security conditions.
2. Request of a Digital Certificate
After filling in all the information fields you may revise your application, you may change your options and then confirm the final request.
3. Certificate Acceptance
certSIGN will send the certificate requested by you. You may accept the certificate as it is or you may ask the modification of any data, if the data you supplied do not comply with the ones in the certificate.
4. Loading in the encryption device or in software format in a PKCS #12 file
After checking and accepting the certificate, it has to be loaded in the encryption device or in software format in a PKCS #12 file. Further, you will also load it in the operation system. You may read more details on such operations in the technical guides. You may choose to load personally the certificate issued or you may ask for the certSIGN assistance.
5. Publication of the digital certificate
After you have accepted the digital certificate and loaded it in the operation system, your public key becomes accessible by publication on the internet.
Any partner with whom you will exchange files digitally signed or encrypted can use this key to send you messages which may be opened exclusively using the private key in your possession. Likewise, your partners may verify the status of the certificate you use.
Use the standard form to send us the request for a digital certificate. We make sure you that the data you have transmitted to us arrive here and are kept under the best security conditions.
2. Request of a Digital Certificate
After filling in all the information fields you may revise your application, you may change your options and then confirm the final request.
3. Certificate Acceptance
certSIGN will send the certificate requested by you. You may accept the certificate as it is or you may ask the modification of any data, if the data you supplied do not comply with the ones in the certificate.
4. Loading in the encryption device or in software format in a PKCS #12 file
After checking and accepting the certificate, it has to be loaded in the encryption device or in software format in a PKCS #12 file. Further, you will also load it in the operation system. You may read more details on such operations in the technical guides. You may choose to load personally the certificate issued or you may ask for the certSIGN assistance.
5. Publication of the digital certificate
After you have accepted the digital certificate and loaded it in the operation system, your public key becomes accessible by publication on the internet.
Any partner with whom you will exchange files digitally signed or encrypted can use this key to send you messages which may be opened exclusively using the private key in your possession. Likewise, your partners may verify the status of the certificate you use.
