Certificate

February 9, 2018

You are here:
< Back

A digital representation of information which at least
1) identifies the certification authority issuing it,
2) names or identifies its subscriber,
3) contains the subscriber’s public key,
4) identifies its operational period, and
5) is digitally signed by the certification authority issuing it.
SOURCE: SP 800-32

A set of data that uniquely identifies an entity, contains the entity’s public key and possibly other information, and is digitally signed by a trusted party, thereby binding the public key to the entity. Additional information in the certificate could specify how the key is used and its cryptoperiod.
SOURCE: SP 800-21

A digitally signed representation of information that 1) identifies the authority issuing it, 2) identifies the subscriber, 3) identifies its valid operational period (date issued / expiration date). In the information assurance (IA) community, certificate usually implies public key certificate and can have the following types:
cross certificate – a certificate issued from a CA that signs the public key of another CA not within its trust hierarchy that establishes a trust relationship between the two CAs. encryption certificate – a certificate containing a public key that can encrypt or decrypt electronic messages, files, documents, or data transmissions, or establish or exchange a session key for these same purposes.
Key management sometimes refers to the process of storing, protecting, and escrowing the private component of the key pair associated with the encryption certificate. identity certificate – a certificate that provides authentication of the identity claimed. Within the National Security Systems (NSS) PKI, identity certificates may be used only for authentication or may be used for both authentication and digital signatures.
SOURCE: CNSSI-4009

A set of data that uniquely identifies a key pair and an owner that is authorized to use the key pair. The certificate contains the owner’s public key and possibly other information, and is digitally signed by a Certification Authority (i.e., a trusted party), thereby binding the public key to the owner.
SOURCE: FIPS 186