Tip

Notarization and PKI



Understanding public key infrastructure (PKI) is an important step in understanding e-commerce security. This tip, excerpted from InformIT, discusses the PKI function of notarization.

The term notarization (that is, the primary service of a notary) can be a source of confusion in some environments, because it means different things in different legal frameworks. For [our] purposes, the PKI-enabled service of notarization is defined to be synonymous with "data certification." That is, the notary certifies that data is valid or correct, where the meaning of "correct" is necessarily dependent on the type of data being certified. For example, if the data to be certified is a digital signature over some hashed value, the notary may certify that the signature is "valid" in the following sense:

The signature verification computation with the appropriate public key is mathematically correct.

The public key is still validly associated with the entity purporting to have signed the value.

All other data required in the validation process (such as additional certificates) to form a complete path.

The PKI notary is an entity trusted by some collection of other PKI entities to perform the notarization service properly. It certifies the correctness of data through the mechanism of a digital signature; the other PKI entities, therefore, need a trusted copy of the notary's verification public key so that the signed data

    Requires Free Membership to View

certification structure can be verified and trusted.

The PKI-enabled service of notarization relies on the core PKI service of authentication. It will typically also rely on the PKI-enabled service of secure time stamping because the notary will need to include the time at which the notarization was done in the data certification structure.

For more of this tip, go to InformIT. You have to register there, but it is free.
Related book

Understanding Public-Key Infrastructure
By Carlisle Adams and Steve Lloyd
This book is a tutorial on and a guide to the deployment of public key infrastructures. It covers a broad range of material related to PKIs, including certification, operational considerations and standardization efforts, as well as deployment issues and considerations. Emphasis is placed on explaining the interrelated fields within the topic area, to assist those who will be responsible for making deployment decisions and architecting a PKI within an organization.


This was first published in February 2001

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.