Uses of Digital Certificates (Tom Holleman)

Digital certificates are used for many different but related purposes. Here are some of them:

Client Authentication

The most common use of a digital certificate is to verify that an individual is who he or she claims to be. This applies to users connecting to a system with restricted access or sending documents or emails in their name. Associated with this is the capability of the receiver with the means to encode a reply.

Server Authentication

Server authentication is accomplished using a certificate that holds the identify of and resides on a web server. When a user connects to the server with a specific URL, they are given confirmation they have connected to the intended destination. This greatly reduces the risk of users providing sensitive information to a site that is not the one they intended to connect to and is perhaps build out to mimic the authentic site.

Non-Repudiation and Authentication of eMail and eDocuments

Repudiation is the denial of something as authentic or having ever occurred. For obvious reasons protecting against illegitimate claims of this sort is important in business transactions.

With digital certificates, the recipient can confirm that the encrypted stream or file was actually sent by the person assumed.

Safety Assurance of Downloaded Software

It is not uncommon to download software which runs on your own system. This software potentially can do damaging things to your computer. This is particularly true with Active X Controls.

Users can be provided with a measure of assurance if the downloaded software is certified as being "safe" (or at least that a reputable company/person stands behind it) through the use of a digital certificate.

Other Possible Uses

o        Restrict the holder of the certificate to make purchases only up to a specified limit.

o        Enable a trader to deal only in certain instruments or currencies up to a particular amount, for a particular time period.

o        As a "reputation voucher": An individual generates a certificate for a friend to introduce him/her to another person. The certificate is a way to recognize the "worth" of this friend.