Digital security guide

Transact electronically – with confidence

Post Office Trust Centre certificates give organisations and individuals a high level of trust in the electronic activities they engage in.

What is a digital certificate?
A digital certificate can be defined as an electronic file that securely links an individual or a computer to an encryption key pair and identification data. A digital certificate is used to identify the holder of the certificate and sender of a data message and to encrypt and protect the data message on the internet.
These digital certificates can be downloaded onto a computer or a mobile device such as a smart card. They can then be used for access control or for signing and encrypting messages. A digital certificate enables authentication (identity) of the sender, validation of the certificate and integrity (has not been tampered with) of the data message in a communication or transaction. Certificates are issued not only to individuals but also to associations, organisations and computer devices.
What is a digital signature or digital signing?
When a digital certificate is applied to a data message, the message is said to have been digitally signed. The data message can be an electronic document, electronic message, electronic transaction or other electronic communication. Digital signatures can also be used with a variety of software applications to sign documents and data, e.g. document flow applications or document processing software like Adobe.
What are digital certificates used for?
Digital certificates are used to electronically ensure the integrity of electronically transmitted information and to ensure that the person sending the information is who he or she claims to be and cannot later deny having sent the information.
What does a digital certificate contain?
The certificate contains, among other things, the public key of the holder, the name of the holder, the period of validity for the certificate, the name of the certification authority that issued the certificate and the serial number of the certificate. The issuing certification authority digitally signs the certificate.
What is a certification authority (CA)?
A certification authority is an organisation that issues certificates, and signs the certificates and the revocation lists with its private key.
What is a registration authority?
A registration authority (RA) is an organisation in the trust hierarchy that handles certain functions, like identification and registration of digital certificate users.
What is a certificate revocation list?
A certificate revocation list (CRL) is an up-to-date list of certificates that a certification authority has revoked before their period of validity has expired.
What can certificates be used for?
Certificates can be used, for instance, for the following purposes:
  • Confidentiality: Ensures that only intended recipients can read files.
  • Data Integrity: Ensures that files cannot be changed without detection.
  • Authentication: Ensures that participants in an electronic transaction are who they claim to be.
  • Non-repudiation: Prevents participants from denying involvement in an electronic transaction.
What are certificate policies (CPs)?
Certification authorities issue digital certificates that are intended for specific purposes or applications. The certificate policy describes the rules governing the processes supporting the issuance and different uses of these certificates.
What is a certification practice statement (CPS)?
A certification practice statement is a comprehensive statement of the precise practices that a certification authority follows in issuing, suspending, revoking, and renewing digital certificates in terms of its certificate policy.
Do certificates have a validity period?
Digital certificates and server certificates are normally valid for one year. The validity period can vary, as the issuing CA decides on the validity period of a certificate.
What is a key?
A key is a random number sequence that is used for encryption and decryption algorithms. The length of the key is an important factor in ensuring the security of the encryption.
What are public and private keys?
PKI uses asymmetric cryptography to encrypt and decrypt information. In asymmetric cryptography, encryption is done by a freely available public key, and decryption is done by a closely guarded private key. Although the public and private keys in a particular key pair are mathematically related, it is impossible to determine one key from the other. Each key in an asymmetric key pair performs a function that only the other can undo.
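The key-pair behaviour described above, together with the signing and tamper detection from the earlier answers, shown with textbook RSA as an added example that is not part of the original guide. The primes, exponent and sample messages are constructed for illustration, and the arithmetic omits the padding and key sizes that real certificates rely on.

```python
import hashlib

# Toy parameters (assumption for illustration): two well-known Mersenne primes.
# Real certificates use RSA keys of 2048 bits or more with standardised padding.
P, Q = 2**61 - 1, 2**89 - 1
N = P * Q                            # modulus, shared by both keys
E = 65537                            # public exponent: public key is (N, E)
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent: private key is (N, D)


def digest(message: bytes) -> int:
    """Hash the message and reduce it into the range of the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message: bytes) -> int:
    """Holder's side: transform the message digest with the PRIVATE key."""
    return pow(digest(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Recipient's side: undo the transform with the PUBLIC key and compare."""
    return pow(signature, E, N) == digest(message)


def encrypt(value: int) -> int:
    """Anyone holding the public key can encrypt a value for the holder."""
    if not 0 <= value < N:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, E, N)


def decrypt(ciphertext: int) -> int:
    """Only the private key reverses what the public key did."""
    return pow(ciphertext, D, N)


if __name__ == "__main__":
    order = b"Pay R100 to account 12345"          # constructed sample message
    sig = sign(order)
    print("original verifies:", verify(order, sig))
    print("altered verifies: ", verify(b"Pay R900 to account 12345", sig))
    secret = int.from_bytes(b"PIN 4821", "big")   # constructed sample value
    print("round trip ok:    ", decrypt(encrypt(secret)) == secret)
```
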
What is encryption and decryption?
Encryption is the use of a mathematical formula and an encryption key to convert information into a form that is unintelligible unless one has the encryption key.
Decryption is the reversal of the encryption process, bringing converted information back to plain text.
What is PKI?
Public Key Infrastructure (PKI) is an infrastructure or system created for the purpose of enabling the issuing, encrypting and exchanging of digital certificates.
What is a trust hierarchy?
This is an organised group of entities that operate under a set of policies and processes that are intended to create a trusted environment that manages the entire certification process.
What can certificates be used for?
  • Allowing a third party to authenticate the identity of a potential client.
  • Enabling validation of the status of an authentication mechanism.
  • Enabling electronic signing of data messages (e.g. transactions, email and documents).
  • Adding legal status and non-repudiation to electronic transactions.
  • Encryption of electronic messages (prevents message tampering).
  • Used for access to physical environments (smart card or other token).
  • Access to specific Software Applications.
  • System to system authentication and encryption.
