Digital Signatures provide Authentication, Privacy, Non repudiation and Integrity in the virtual world . IT Act 2000 in India gives legal validity to electronic transactions that are digitally signed. Therefore we need digital signatures for secure messaging, online banking applications, online workflow applications, e-tendering, supply chain management etc.
Digital Certificates are digital documents attesting to the binding of a public key to an individual or specific entity. They allow verification of the claim that a specific public key does in fact belong to a specific individual. Digital Certificates help prevent someone from using a phony key to impersonate someone else.
In their simplest form, certificates contain a public key and a name. As commonly used, a certificate also contains an expiration date, the name of the Certifying Authority that issued the certificate, a serial number etc. Most importantly, it contains the digital signature of the certificate issuer.
A digital signature is an electronic method of signing an electronic document whereas a Digital Certificate is a computer based record which
- Identifies the Certifying Authority issuing it.
- Has the name or I the identity of its subscriber.
- Contains the subscriber’s public key.
- Is digitally signed by the Certifying Authority issuing it.