[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] What is the difference between a digital certificate an d a digital signature?




Not Quite. The certificate is the package of the public key. A digital
signature is a message signed with the Private key.

A certificate is used to publish your key to others. Since they need your
public key to send you encrypted messages, it has to be able to somehow be
sent to them. This is what your certificate is for. Generally it is signed
by a trusted third party. i.e. Someone you already have a public key for.

To be sure the user is the one who sends out the message, and no is
falsifying the message, a message digest is created and encrypted with the
users PRIVATE key. Since this can only be decrypted with the matching PUBLIC
key, you know you are conversing with the one-and-only person/machine the
has that key pair. Hence the term "signature". You decrypt the digest and
compare the clear text with what you got from your own decryption and
thereby know the user is the one you think they are.

Daniel Gaughan

-----Original Message-----
From: James Edwards [mailto:[email protected]]
Sent: Monday, March 05, 2001 10:51 AM
To: 'Allan Pratt'; [email protected];
[email protected]
Subject: RE: [FW1] What is the difference between a digital certificate
an d a digital signature?



I'm going to take a stab at this for no other reason that to test my own
knowledge.  I am pretty sure I understand but I hope someone will set me
straight if I have this wrong.  Anyway, here goes.

A digital certificate and a digital signature are basically the same thing.
They are both a way to identify the owner and encrypt the traffic sent back
and forth.  The main difference is in how they are used.  A digital
certificate is typically used for a web site and allows for secure traffic
back and forth.  A digital signature is typically used for an individual and
provides a way to positively identify that individual and encrypt his
traffic (emails and the like).  A digital signature is sometimes called a
personal certificate.

I know this is a pretty simple explanation but I hope this answers the
question.  I'm sure others will give more detail.

Jim Edwards
Systems Manager
Texas Secretary of State


-----Original Message-----
From: Allan Pratt [mailto:[email protected]]
Sent: Monday, March 05, 2001 9:14 AM
To: [email protected];
[email protected]
Subject: [FW1] What is the difference between a digital certificate and
a digital signature?



Hi,

This might be off topic, but what is the difference between a digital 
certificate and a digital signature?

Thanks,

/ap

_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com



============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================