O'Reilly logo

Inside Java™ 2 Platform Security: Architecture, API Design, and Implementation, Second Edition by Mary Dageforde, Gary Ellison, Li Gong

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

8.1. Digital Certificates

Users of public-key applications and systems must be confident that the public key of a subject—a user, organization, or other entity, such as a service—is genuine, that is, that the associated private key is owned by the subject. Public-key certificates are used to establish trust. A public-key certificate is a binding of a public key to a subject, whereby the certificate is digitally signed by the private key of another entity, often called a Certification Authority (CA).

If the user does not have a trusted copy of the public key corresponding to the private key the CA used to sign the subject’s public-key certificate, another public-key certificate vouching for the signing CA is required. This logic can be applied ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required