1.The passport contains information that identifies you.

2.This information is guaranteed by a national government, which people usually trust.

3.A passport is difficult to forge.

These three things are mostly true of digital certificate, too.

A digital certificate contains information identifying its owner: Name, email address, geographical location, and so forth.

1.The certificate bears the signature of a trusted organization, called a “Certificate Authority” (CA for short), that guarantees authenticity of the certificate. The signature, of course, is digital just like the whole certificate. A CA is rarely a government body; instead it's usually some large company. Major CAs include VeriSign, Entrust.net, and GoDaddy.

2.Digital certificates are difficult to forge because they're created and verified with strong cryptography (encryption). The CA's signature is cryptographically generated, and after the signature is embedded in the certificate, the certificate itself is protected through cryptography.

The combination of cryptography and signatures can be used over and over at higher and higher levels. So a digital certificate, being encrypted and signed, can be used itself to encrypt and digitally sign things!

Right now, the most common uses of digital certificates are to verify the authenticity of websites and to protect web transactions. Every time you see the padlock icon in the bottom corner of your web-browser window, your browser is participating in an encrypted web session that began with a digital certificate transaction.

What Does a Certificate Promise?

Every kind of certificate promises something different—it depends on what rules the certificate authority followed when they granted it.

The certificate in the elevator shows that some government expert checked it for safety.

The certificate in the doctor's office is a little different. It shows that the doctor passed an exam, so she is legally allowed to practice medicine. Indirectly, it suggests she has some skills as a doctor—but it's not perfect.

A digital certificate on a web site, such as http://hackerteen.com, just means that the web page was actually sent by the server at the domain hackerteen.com (see http://www.hackerteen.com/dns.php). It says nothing about the quality of the site. You have to judge that for yourself.

Example: How Digital Certificates Protect You on the Web

Suppose you navigate to https://www.treas.gov, the U.S. Department of the Treasury's secure website. Automatically, your web browser will:

1.Ask www.treas.gov for it's own digital certificate (the "site certificate")

2.Look up its corresponding CA certificate (www.treas.gov's certificate is signed by Entrust.net)

3.Perform a cryptographic calculation called a “signature verification” to see whether the site certificate was really signed by Entrust.net.

What, you may wonder, stops someone from creating a fake Entrust.net CA certificate, and using it to sign fake site certificates? Actually, nothing. But every web browser comes with its own copies of the certificates from most popular CAs. Your browser can tell whether a site certificate has been signed with the real Entrust.net CA certificate (or Verisign's CA certificate, etc.). If you're curious, search through the Preferences menus on your browser; eventually you'll find a list of all the CAs recognized by the browser.

If you encounter a site certificate that hasn't been signed by any of the CAs your browser has certificates for, your browser will (hopefully) complain about an “unverified site certificate.” At this point you'll still be able to begin an encrypted session with that site, but you won't know for sure whether it's the website you want, or an imposter.

Continuing our example, after your browser verifies www.treas.gov's site certificate, it sets up an encrypted session with www.treas.gov, using both the site certificate and its own certificate. That's right, your browser has its own digital certificate!

Because your browser has just a generic certificate without any CA signature (it's “self-signed”), it isn't useful as identification; it's useful only for creating encrypted web sessions. Since most users don't have unique, CA-signed digital certificates, web sites that care about your identity usually verify it by asking you for a username and password.

Secure web transactions aren't the only things digital certificates are good for. Email programs—such as Microsoft Outlook, Evolution, and even some webmail interfaces—support the use of digital certificates for signing and encrypting email (and of course, verifying and decrypting it too). The protocol for this is called S/MIME.

Reality Dept. and Alternative Signatures

Communication really is safer with digital certificates, but there are problems with CAs that come out when theory comes up against real life. CA-signed certificates are expensive, whereas self-signed certificates are a hassle to manage. Some of the problems include:

Browsers and CAs get out of sync. Remember that the browser has to recognize the signature of CA, or it complains that the site you're visiting is untrusted. What if a CA changes its signature, or if a new CA comes online after your browser was installed? This happens often, so you get warnings when you visit sites that are actually OK.

The CA might make a mistake and give a certificate to someone who isn't really the organization he claims to be. Imagine, for instance, if somebody unknown claimed to be Microsoft and got a certificate from a CA. He might trick you into downloading infected software. This isn't speculation! Somebody did get a certificate claiming to be Microsoft from the world's leading CA, VeriSign. The identity of the imposter was never revealed, and he had a valid certificate for a year.

Certificates are difficult to revoke, in case something like the fake Microsoft incident happens. There are a couple of different ways of declaring a certificate void and getting users to reject it, but the browsers and other products that use certificates aren't coded to work this way.

The hacker/geek community doesn't like the costs and the centralized control of CA-signed certificates, so PGP (“Pretty Good Privacy”) more popular among them. PGP keys are very similar to digital certificates, except that instead of having one CA signature, a PGP key might be signed by many other keys.

Rather than relying on CAs, PGP uses a “web of trust” to verify certificates. The idea is that if you get all your friends to sign your key, and each of those friends' keys have in turn been signed by a bunch of other people's keys, then for any given key, there will be some signature on that key that's traceable to somebody you trust.

But in practice, the Web of Trust has flopped: It's a pain in the neck to manage key signatures, and as a result, most people who use PGP have only a couple of signatures (if any) attached to their key, and instead verify keys by making sure they've received them directly from their owners.

One advantage of PGP over S/MIME is that it's more versatile: PGP software, including the free GNUpg application, can be used not only for email, but also for encrypting files on your hard drive, and even the contents of your computer's clipboard!

What Extra Protection is Useful With Digital Certificates?

Your digital certificate is designed to be shared, so that other people can verify digital signatures that you create with it, and can participate in encrypted communications with you. However, each certificate has a corresponding “private key,” or simply “key” for short, that must be kept secret, and must be protected with a strong password. If a key has an easy-to-guess password, and someone manages to copy that key off of your computer, that person will be able to create digital signatures in your name, and decrypt anything that's been encrypted with your certificate.

One good way to protect a digital certificate's key is to store it in a Smart Card. A Smart Card is a credit-card-sized plastic card containing a computer chip that can participate in digital certificate transactions (signing things, encrypting things, and so on), but can also defend itself against copying. Smart Cards are the most secure and convenient format for issuing digital certificates to people (as opposed to servers and web sites), but any computer on which you wish to use your Smart Card must have special Smart Card reader hardware.