Digital certificates are the cornerstone of the modern e-commerce and secure internet communications in general. A digital certificate is a means to establish trust, one way or mutual, between two parties before a transaction can take place between the two. The contents and integrity of the transaction are protected by the digital certificate from evesdroppers, who may desire to use it for self-gains or tamper with it, without such protection. A digital certificate proves the ownership of a “Cryptographic Key”. Let’s look at this in a bit more detail.
Need for Security in Communications
The need to secure communications between two people, say, Alice and Bob, separated by an untrusted communication medium is perhaps as old as the history of human civilization. Why communicate? Because that is what we do. Maybe Alice wants Bob to bring eggs home on the way back from work, for tomorrow’s breakfast.
What is the communication medium in between? A horse rider, a note carrying pigeon, a smoke signal, postal mail or in the modern era, a phone call, text message or email.
Why is the communication medium untrusted? Because Alice and Bob’s arch nemesis Eve, can’t see them happy and wants to tamper with the message to have Bob bring home milk instead, which they got plenty of, and will make Alice very unhappy if he brings it again.