What are certificates and keys?
Encryption certificates (public keys) are used to create and verify digital signatures, and to encrypt data that only the user of a corresponding private key can decrypt. Unlike private keys, public keys do not need to be protected from unauthorized access, and in fact should be made available to everyone. Encryption certificates (public keys) are certified by a trusted third party. A public key and corresponding private key together create a “key pair.” The private key is used to digitally sign data and to decrypt data encrypted with the public key. Private keys must thus be carefully safeguarded by their owners. A certificate contains: • A clearly identified serial number • The clearly identified name of the owner • The public key of the owner • Usage notations and validity timeframes • The digital signature of the trusted third party A common standard for certificates is X.509. Encryption and digital signatures can be implemented together or independently within the enterprise.
