[Diagram labels: Jack; Certificate Authority (also performs identity verification on Jack); Create Key Pair; Jack’s Public Key; Jack’s Private Key (stays private); CA’s Public Key; CA’s Private Key; Certificate Request (Identity Info + Jack’s Public Key); Preliminary Certificate (Identity Info + CA Info + Jack’s Public Key); One-Way Function/Hash Function; Encryption; CA’s Digital Signature; Certificate]
Figure 14 – Certificate Authority
Jack goes through a key pair generation process and creates a public and private key pair. The
private key is kept secret. The public key is associated with some identity information and is given to
a Certificate Authority. The certificate authority generates a certificate, usually specific to a purpose
such as email, and signs the certificate with its digital signature. Assuming there is a place where
these digital certificates are publicly available, as long as Jack and John can agree to trust a specific
certificate authority, they’ll be fine trusting certificates signed by that authority. Refer to Figure 15.
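The flow in Figure 14, as an added example that is not part of the original document: Jack's request is combined with CA info, hashed, and the hash is signed with the CA's private key, after which anyone holding the CA's public key can check the certificate. The field names, the name "Example CA", and the fixed Mersenne primes are assumptions for illustration; textbook RSA without padding is used only to show the hash-then-sign step and is not secure for real use.

```python
import hashlib
import json

E = 65537  # common RSA public exponent

def make_keypair(p, q):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def digest(fields):
    """One-way hash of the certificate fields, as an integer."""
    data = json.dumps(fields, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def issue_certificate(request, ca_name, ca_private):
    """CA step: add CA info to the request, hash it, sign the hash."""
    n, d = ca_private
    preliminary = dict(request, issuer=ca_name)  # the "preliminary certificate"
    return dict(preliminary, signature=pow(digest(preliminary), d, n))

def verify_certificate(cert, ca_public):
    """Relying-party step: recompute the hash and compare it with the
    value recovered from the signature using the CA's public key."""
    n, e = ca_public
    fields = {k: v for k, v in cert.items() if k != "signature"}
    return pow(cert["signature"], e, n) == digest(fields)

# Constructed sample keys: known Mersenne primes stand in for random primes.
ca_public, ca_private = make_keypair(2**521 - 1, 2**607 - 1)
jack_public, jack_private = make_keypair(2**107 - 1, 2**127 - 1)  # private half stays with Jack

# Certificate request: identity info + Jack's public key (constructed values).
request = {"subject": "Jack", "purpose": "email", "public_key": list(jack_public)}
certificate = issue_certificate(request, "Example CA", ca_private)

# A copy whose public key was swapped after signing no longer matches the signature.
tampered = dict(certificate, public_key=[12345, E])

if __name__ == "__main__":
    print("genuine certificate verifies:", verify_certificate(certificate, ca_public))
    print("tampered certificate verifies:", verify_certificate(tampered, ca_public))
```

John needs only `ca_public` to run the check, which is why agreeing on a trusted Certificate Authority is enough for him to accept Jack's certificate.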