8.1. Digital Certificates

Users of public-key applications and systems must be confident that the public key of a subject—a user, organization, or other entity, such as a service—is genuine, that is, that the associated private key is owned by the subject. Public-key certificates are used to establish trust. A public-key certificate is a binding of a public key to a subject, whereby the certificate is digitally signed by the private key of another entity, often called a Certification Authority (CA).

If the user does not have a trusted copy of the public key corresponding to the private key the CA used to sign the subject’s public-key certificate, another public-key certificate vouching for the signing CA is required. This logic can be applied ...
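The chain logic described above, as an added example that is not taken from the book: a simplified certificate (a signed subject/key binding, not X.509) is accepted only if its issuer's key is already trusted or another certificate in the chain vouches for that issuer. The class, record, and method names and the sample subjects are hypothetical; it uses only `java.security` and assumes Java 16 or later for `record`.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
public class ChainDemo {
    // Simplified certificate (not X.509): binds a public key to a subject, signed by the issuer.
    record Cert(String subject, PublicKey key, String issuer, byte[] sig) {}

    // Bytes covered by the signature: both names plus the encoded public key.
    static void feed(Signature s, String subject, PublicKey key, String issuer) throws SignatureException {
        s.update((subject + "\n" + issuer + "\n").getBytes(StandardCharsets.UTF_8));
        s.update(key.getEncoded());
    }
    static Cert issue(String subject, PublicKey key, String issuer, PrivateKey issuerKey) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withECDSA");
        s.initSign(issuerKey);
        feed(s, subject, key, issuer);
        return new Cert(subject, key, issuer, s.sign());
    }

    // chain.get(0) is the subject's certificate; each later entry vouches for the previous issuer.
    static boolean trusted(List<Cert> chain, Map<String, PublicKey> trustedKeys) throws GeneralSecurityException {
        for (int i = 0; i < chain.size(); i++) {
            Cert c = chain.get(i);
            PublicKey issuerKey = trustedKeys.get(c.issuer());
            boolean anchored = issuerKey != null;
            if (!anchored) { // no trusted copy of the issuer's key: the next certificate must supply it
                if (i + 1 == chain.size() || !chain.get(i + 1).subject().equals(c.issuer())) return false;
                issuerKey = chain.get(i + 1).key();
            }
            Signature s = Signature.getInstance("SHA256withECDSA");
            s.initVerify(issuerKey);
            feed(s, c.subject(), c.key(), c.issuer());
            if (!s.verify(c.sig())) return false;
            if (anchored) return true; // reached a key the user already trusts
        }
        return false;
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("EC");
        g.initialize(256);
        KeyPair root = g.generateKeyPair(), ca = g.generateKeyPair(), alice = g.generateKeyPair();
        Cert caCert = issue("Issuing CA", ca.getPublic(), "Root CA", root.getPrivate());
        Cert aliceCert = issue("alice", alice.getPublic(), "Issuing CA", ca.getPrivate());
        Map<String, PublicKey> trust = Map.of("Root CA", root.getPublic()); // constructed trust store
        System.out.println(trusted(List.of(aliceCert, caCert), trust)); // chain reaches the trusted root
        System.out.println(trusted(List.of(aliceCert), trust));         // CA certificate missing from chain
    }
}
```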
