Reference document

Digital Certificates Management Application

The Digital Certificates Management Application allows users to manage digital certificates. The main purpose of digital certificates is to bind cryprographic keys to given entity. The certificates store an unique id of the entity (usually distinguished name in the X.500 directory, or to an alternative name such as an e-mail address or a DNS entry), selected identity attributes (last and first name, security clearance, etc.) and the public key associated with the entity. In order to provide required level of confidence digital certificates are signed (vouched) by issuing authority. Issued digital certificates support strong authentication, signing and encryption of data. The information stored in the digital certificate are protected by cryptographic technologies and personal PIN known only to the user for which the certificate was issued. The maintenance of digital certificates includes issuance, renewal, re-keying, identity information updating and certificate revoking. The scope of the information stored in the certificate has to be compliant with approved identity privacy and digital certificate policies.

Credential Management Applications