8.2 Certification authorities and digital certificates
There are snags to this procedure, however: for example, Charlie could generate a key pair for himself and publish the public key using Bob's name. Some additional assurance is required that irrevocably binds together the true identity of a person with a public key. This assurance can be provided by a trusted third party, known as a certification authority, which is able to vouch for Bob. Certification authorities can be independent organisations, system administrators, or companies (such as Verisign) that specialise in validating the identity of an entity and issue a digital certificate that binds the identity with a public key. The certification authority knows only the public key of the entity and not the private key, which should of course be kept secret at all times. The entity may not be a person – it could also, for example, be a computer, a website, or a network resource such as a router. Once the digital certificate has been issued, the entity can append it to messages it sends in order to provide assurance about its identity.
Can you think of a problem that might arise with this arrangement?
An entity, say Charlie, could create his own digital certificate, which he claims has been issued by a certification authority and which allows him to masquerade as Bob. Alternatively, he could modify Bob's authentic certificate by substituting his own public key in place of his.
So a digital certificate itself needs some form of authentication to provide assurance that it is valid.
How could a certification authority provide assurance about the validity of a digital certificate?
The certification authority could include its own identity and digital signature in the digital certificate.
Typically, a digital certificate includes the information illustrated in Figure 12. It may also include the level of trust that the certification authority is prepared to recommend. The emerging standard for digital certificates is ITU-T X.509.
A user will need to obtain the certification authority's public key in order to validate its signature. In turn, the binding of the certification authority's identity to a public key will itself need to be the subject of validity assurances, and thus the system of authentication depends on an extended structure and often relies on a chain of certificates.
Certification authorities form part of what is known as a public key infrastructure – a combination of services and encryption techniques that together are used to protect the security of data over networks. At the time of writing, the definition of a public key infrastructure is rather loose, but it is generally accepted that it will include:
- a registration authority, which checks and verifies the credentials of a user before a digital certificate can be issued
- a certification authority that issues and verifies digital certificates
- directory services for the publishing of public keys and certificates
- certificate management and key management services.