![]() |
![]() |
PKI ApplicationsThe most widespread use of PKI is server identification certificates. SSL requires a PKI certificate on the server to assert its identity in a trustworthy manner to the client. Every HTTPS web server connection uses SSL and therefore also uses PKI. This outreach web focuses on client-side applications of PKI - using end user PKI certificates instead of or in addition to server certificates. Client-side applications of PKI fit three main categories:
Digital signatures enable a user to put their "digital John Hancock" on an electronic document. This is directly analogous to signing in pen on a paper document except it goes one step further and associates the exact contents of the digital document with the signature in a way that makes tampering with the document's contents after the signature easy to detect. Again, it is posession of the private key that assures that only the owner of the PKI digital credentials could have executed the signature. Encryption is standard protection of data in a file with a twist. Anyone can encrypt data intended to be read by a particular user by using their public key for the encryption process. But only the designated user posesses the private key that can decrypt the data, so its privacy is assured by the security of their private key. Here is a list of some of the popular PKI applications in academia:
AOL AIM with PKI and about digital signatures S/MIME email with Microsoft Outlook Dartmouth's PKI Lab has tested a number of applications and made useful notes and "how to" documentation about them. We have also documented in greater detail ways which these applications can be used in Higher Education.
|