Inside Windows® Server 2003 by William Boswell

Certificates

In Diffie-Hellman and DSS key exchanges, a brand new cipher key is created for each session. This makes sense in applications like IPSec where a secure network communication link is established pretty much on an ad hoc basis. But what if you want to retain the key for later use, such as digital signatures? You need a way to transport the key securely and, just as importantly, you want to make sure that the key comes from an authorized issuer and has not been tampered with along the way.

The data structure used to transport and validate keys is called a certificate. A certificate acts as a strongbox that protects the key while guaranteeing the identity of the issuer, the identity of the owner, and the purposes for which the key can ...
