23 February 2012
1st Alcester Scout Group - website  

You are not logged in!

Using certificates for privacy

Using certificates for privacy and security


You can use certificates to protect your personally identifiable information on the Internet and to protect your computer from unsafe software. A certificate is a statement verifying the identity of a person or the security of a Web site.

Internet Explorer uses two different types of certificates:


A personal certificate is a verification that you are who you say you are. This information is used when you send personal information over the Internet to a Web site that requires a certificate verifying your identity. You can control the use of your identity by having a private key on your computer. When used with e-mail programs, security certificates with private keys are also known as "digital IDs".
A Web site certificate states that a specific Web site is secure and genuine. It ensures that no other Web site can assume the identity of the original secure site. When you are sending personal information over the Internet, it is a good idea to check the certificate of the Web site you are using to make sure that it will protect your personally identifiable information. When you are downloading software from a Web site, you can use certificates to verify that the software is coming from a known, reliable source.
How do security certificates work?
A security certificate, whether it is a personal certificate or a Web site certificate, associates an identity with a public key. Only the owner of the certificate knows the corresponding private key. The private key allows the owner to make a digital signature or decrypt information encrypted with the corresponding public key. When you send your certificate to other people, you are actually giving them your public key, so they can send you encrypted information that only you can decrypt and read with your private key.

The digital signature component of a security certificate is your electronic identity card. The digital signature tells the recipient that the information actually came from you and has not been forged or tampered with.

Before you can start sending encrypted or digitally signed information, you must obtain a certificate and set up Internet Explorer to use it. When you visit a secure Web site (one whose address starts with https), the site automatically sends you its certificate.