Taskie !How to get task done well!

Public Key Infrastructure (2)Filed Under: General

Within Public Key Infrastructure, the encrypted document is usually transferred through a third party known as a Certification Authority. The Certification Authority may assist in encrypting the document and in creating the numerical hash file, as well as authenticate the identities of one or more of the parties through the digital certificate, keep a record of the digitally signed document’s unique numerical hash file, and maintain the public key that permits decryption of the document. Taken together, this multistep process constitutes the digital signature.

A digital certificate can be issued by the organization initiating the approval process or by a Certification Authority. A certificate usually contains the holder’s name, a serial number, expiration dates, a private key that signs documents and messages through encryption, and a public key that the recipient uses to decrypt the message. Cryptography binds the digital signature to a document. If someone changes the terms and conditions or prices in that electronic document, the signature will become invalid.

Although digital signatures and the assistance of Certification Authorities can be costly, they provide worthwhile safeguards against electronic document tampering, deception, fraud, and unwanted disclosure, particularly when the stakes are high. Most people consider digital signatures to be the most robust technology available. But the strength of a digital signature depends on the rigor of its registration process. In some cases, a Certification Authority may register new private key holders by simply asking users to type in their email addresses. In other cases, the Certification Authority asks registrants for several pieces of private information, such as Social Security numbers, the last four
digits of their driver licenses or the amount of the last check they wrote. If even greater security is called for, registrants could be required to appear in person at the certificate authority’s premises with multiple forms of identification. When this last term is used, the electronic signatures made with assistance of the digital signature is taken as equivalent to handwriting signatures in most national legislation regarding electronic business and electronic commerce.

Taken From : Digital Economy – Impacts, Influences and Challenges