Network Certificate
- Tags
- networking
Is a [see page 13, certificate] that is signed by some certifying authorities private key. A client who accesses a site receives the certificate and can compare the signature with the authorities public key to verify the server is who the authority thinks it is.
If the client [see page 17, trusts] the CA and the certificate check (is authenticated, not expired) passes, they consider the sender secure/trustworthy.
Certificate Types
We can classify certificates based on the [see page 44, validation] they provide:
| Type | Validation Type | Description | Through |
|---|---|---|---|
| DV | Domain | Asserts that this is the owner of the domain | whois |
| OV | Organisation | Check on identity & existence of an organisation | Chamber of Commerce Records |
| EV | Extended | More rigorous checks on organisation identity | Various Means |
We also define Wild Card certificates, can be associated with specific domains and
subdomains. For example *.shef.ac.uk could have it's own certificate distinct from
price.shef.ac.uk.