Public-Key Certificate

Definition

The public-key certificate acts as a digital identification card that identifies a person or component.

Use

Use your own public-key certificate to identify yourself to others.

You can use someone else's public-key certificate to verify their digital signature.

Structure

A signer's public-key certificate contains the information you need to verify his or her digital signature, namely the public key and which algorithm was used. Additional information is also included so that you know that this public key does actually belong to the person or component.

There are various formats for storing this information. One standard that is commonly used is the X.509 certificate, which contains the following information:

• General Information

  • Version

  • Serial number

  • Validity period

• Certificate Issuer's Information

  • CA's Distinguished Name

• Certificate Owner's Information

  • Owner's Distinguished Name

  • Owner's public key

  • Asymmetric, cryptographic algorithm used

• CA's Digital Signature

  • Asymmetric, cryptographic algorithm used

  • CA's digital signature