Digital Certificates
Public key encryption is more secure than secret key encryption, but implementing it on a large scale is more difficult to manage. If public keys are posted to the Internet without any oversight, someone could provide a public key that purports to be that of another user. Then, data encrypted with that key and intended for the user whose name was associated with it could be intercepted and accessed by the unauthorized user who posted the key with the fraudulent information.
To verify a user's or computer's identity, we need a mechanism for a trusted third party to confirm that the user or computer advertising the public key is in fact who he, she, or it claims to be.
This is the function of a digital certificate. The way ...
Get TICSA TruSecure™ ICSA Certified Security Associate Exam TU0-001 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
