Digital Certificates - How
- Grean generates a key pair, and sends to a CA with appropriate
proof of identity
- CA checks the proof, and sends Grean a Digital ID, along with a
hierarchy of Digital IDs verifying the CA's public key.
- example :
- Sam approaches me saying, "Hi, I'm Sam".
- Now, maybe I haven't seen Sam in a while, so I want to
check his ID
- I check that the ID has the appropriate information, his
name, that it hasn't expired, and who the CA is.
- I find out that the CA is Grean, and the ID has
Grean's Digital Signature (encrypted with his private key)
- Since I know Grean, I have his public key, decrypt the
signature, and if it passes, I know that Grean indeed gave
this ID to Sam.
- But I also know that Grean's requirements for IDs if
fairly lax, and will simply give out IDs over the phone.
- So to that extent, I choose not to believe this is Sam.
Sorry.
Copyright 1997 by Slackers Union. Comments should go to any of the
group members. Opinions reflected on this page are by no means
opinions
of UCSD. Go sue somebody else.
Last Modified: June 1st, 1997
|