|Networking government in New Zealand.

Tabs

Site map Access Keys Contact us About this site

You are here: Home » Services » SEEMail » S.E.E. PKI Paper 14 - International and New Zealand PKI experiences across government, v 1.0 » 1 Introduction

1 Introduction

Within this section:
1.1 Definitions
1.2 Why are Digital Certificates important?

1. Over the last five years, several governments have implemented Public Key Infrastructure (PKI) systems. In addition, the New Zealand government has implemented several projects using PKI. This report documents the information learned from these projects. Note: Much of the international information is obtained from media sources, as such information is not typically available on an official website.

1.1 Definitions

1.1.1 Public Key Infrastructure, PKI

2. A Public Key Infrastructure (PKI) is a system of digital certificates and Certificate Authorities that verify and authenticate the validity of each party involved in an Internet transaction.

1.1.2 Certificate Authority, CA

3. A Certificate Authority (CA) is a trusted organization or company that issues digital certificates used to create digital signatures and public-private key pairs. The role of the CA in this process is to guarantee that the company or individual granted the unique certificate is, in fact, entitled to it. A CA is a critical component in data security and electronic commerce because they provide greater assurance that the two parties exchanging information are really who they claim to be.

1.1.3 Digital Certificate

4. A Digital Certificate is the digital equivalent of an ID card used in conjunction with a public key encryption system. Also called "digital IDs," digital certificates are issued by trusted parties known as certification authorities (CAs) after verifying that a public key belongs to a certain user (company or individual). The certification process varies depending on the CA and level of certification.

5. There are many types of digital certificates:

E-Mail Certificates - used to identify an individual or company, and preserve the confidentiality and integrity of a message
Browser Certificates - used to identify a browser session, and preserve the confidentiality and integrity of an online transaction
Server (SSL) Certificates - used to identify a server, and preserve the confidentiality and integrity of an online transaction
Software Signing Certificates - used to identify a software manufacturer, and confirm the integrity of a software package

1.2 Why are Digital Certificates important?

6. Core Internet protocols such as TCP, IP, UDP, DNS and HTTP do not support fundamental security properties of integrity, confidentiality or authenticity. The digital certificates provided by a PKI are a popular method to provide security on the Internet, because they can offer a high standard of non-repudiation and provide strong authentication.

[ Previous | Next ]