5 mins
Intro
Digital certificates exist to improve on the weaknesses of digital signatures.
Bruh what’s the weakness
Lack of identification: Digital signatures themselves do not verify the identity of the sender and their public key.
To resolve the above we need a trusted third party.
Digital Certificate
A digital certificate is an electronic document used to identify an individual, a system, a server, a company, or some other entity, and to associate a public key with that entity. A digital certificate is issued by a trusted third party, also known as a certification authority, and is digitally signed by that authority.
Digital certificates are based on trust and verify that a signature is truly signed by the claimed signer. They are stored or sent alongside the public key to a digital signature.
A digital certificate will typically contain the following info:
- Certificate owners name
- Owners public key and its expiration date
- Certificate issuers name
- Certificate issuers’ digital signature & public key
…
Fun fact!
X.509 is the ubiquitous standard format of how to define a public certificate.
Below is a diagram illustrating how digital certificates work
BRIAN ADD A DIAGRAM
Follow up
Now that you know the basics of how digital signatures and certificates work you can read up on HTTPS & TLS / SSL the backbone of modern internet security. Where can you do this? In my next article of course!