Subscribe / Log In
Subscribe / Log In
Profile

Digital Certificate Policy

Share

  • Provided by TechRepublic Premium
  • Published January 29, 2015
  • Topic TechRepublic Premium
  • Format PDF
A digital certificate is a sort of signature - a fingerprint which identifies a server or website, for instance, so visitors who connect can verify that the target is who it claims to be and not a fraudulent or malicious site posing as a legitimate business. Whether visitors are shopping, working or exchanging confidential information, a digital certificate protects them and their data.

Digital certificates depend on trust. They are issued by certification authorities, which are entities that assure the user that the certificates they provide are valid and reliable. A certification authority can either be a public organization such as Comodo, Entrust and Verisign (which charge a fee to issue certificates) or a private system which can be built and operated in-house to provide self-signed certificates without a fee. In either case the user’s client application (often a web browser) must trust the certification authority, which has its own certificate that needs to be installed before it can present other certificates to users.

The purpose of this Digital Certificate Policy is to provide guidelines for the appropriate procurement, usage and renewal of digital certificates. It can be downloaded and used as written, or can serve as a template for your organization's own policy.

People Also Downloaded