A Digital Signature is a signature that authenticates documents in electronic form the same way as a physical signature or thumb impression authenticates documents in hard copy (e.g. paper). The authentication is two-fold:
- Who the sender of the message or the signer of the document is, and
- That the message or document content has not been tampered with and that it has reached the intended recipient in the same form that it was sent.
A Digital Certificate, on the other hand, is like an electronic prepaid voucher. It contains the certificate holder’s name, a serial number, expiration dates, a copy of the certificate holder’s public key (used for encrypting messages and digital signatures) and the Certifying Authority (CA)’s digital signature, to help the recipient verify that the certificate is genuine.
So while a Digital Signature is what confirms the document’s authenticity, a Digital Certificate contains this digital signature, among other components, and carries the signature’s validity period. To understand the difference better, when you purchase a digital signature from a Certifying Authority, what you get is the digital certificate. And when you want to sign an electronic document, you use the digital signature from this certificate and attach the public key. The recipient then uses this public key to check the veracity of the document.
1 comment:
Thanks for explaining both these terms. I was bit confused between both of these as I wasn't able to figure out the difference. After reading this article I learn the clear difference between them.
digital certificate
Post a Comment