Certificates and Digital IDs

The certificate contains the following information:

Version
Serial Number
Signature Algorithm ID
Issuer Name
Validity Period
Subject (User) Name
Subject Public Key Identification
Issuer Unique Identifier
Subject Unique Identifier
Extensions
Signature for the above fields

In typical use for Internet applications the key fields are the “Subject Name” and “Signature” fields. The latter proves through a digital signature from the Certificate Authority that the other fields within the certificate have not been tampered with. The “Subject Name” or “Distinguished Name” field field is typically used to identify the system to which the certificate belongs via a fully qualified domain name (FQDN - e.g. myhost.company.com). The entity checking the certificate such as a browser would connect check (via a name server) that name against the known FQDN for the host it is connected to, if they don’t match it considers the connection suspect and warns the user or automatically prevents connection.

[ Contents ] [ DNS ] [ p6spy ] [ Weblogic Tuning ] [ Cactus ] [ The Grinder ] [ Word to PDF ]