Digi-Sign, The Certificate Corporation
Published on Digi-Sign, The Certificate Corporation (http://www2.digi-sign.com)

Home > Digi-ID™ Delivery

By Digi-Sign
Created Feb 25 2008 - 11:32

Digi-ID™ Delivery

PDF [1] Digi-CA™ [2] has different delivery options for each Digital Certificate [3] it produces. The most common use for Digi-CA™ is to deliver Digi-IDs™. Prior to the installation of the Digi-CA™, the Certificate Policy is documented and this determines what Method of Delivery is used for issuing a Digital Certificate.

The two principle Methods are the Package Method and the Process Method. A Digi-ID™ can be issued in different ways depending on the Method of Delivery chosen. A single issuing process can be decided on, or a combination of processes.

  • Digi-ID™ Delivery Methods
    • There are two primary ways that the Digi-IDs™ are delivered. Either the Digi-ID™ is delivered in a package [Package Method] or it is delivered as a result of a series of steps in a process [Process Method].

        Digi-ID™ Methods of Delivery:

        The Package Method is where both the public and the Private Key are generated together and delivered together.

        The Process Method means that there are several stages, or processes, in getting a Digi-ID™.

        Digi-CA™ offers both of these Methods of Delivery. And the online flash presentation of Digi-CA™ [4] explains its benefits in a simple and easy to understand manner.



  • Package Method Explained
    • Using the Package Method, the public and Private Keys are generated at the RA or Administrator’s PC. The Public Key is signed by the Digi-CA™ Engine and the entire Digi-ID™ is packaged in a single file and either sent to the end user or is installed on a Smart card, USB Token or any other suitable Digi-ID™ storage device. This package is also referred to as a PKCS#12, a .pxf or a .p12 Private Key Container Package.



  • Process Method Explained
    • Using suitable Digi-Cards™, Digi-Tokens™ or other suitable CSP storage device, a Private Key is generated and remains on the device and never leaves the user. When requesting a Digi-ID™, the device generates the Certificate Signing Request [CSR].

      When the user enrolls at the web application form, the form data entered and the CSR [5] are transferred to the Digi-CA™. The transfer occurs over a HyperText Transfer Protocol Secured [HTTPS]. On receiving the CSR, the Digi-CA™ Engine signs it and creates the x.509 Certificate or Digi-ID™.

      Usually, an email is then sent to the user to collect the Digi-ID™. When the user clicks on the hyperlink within the email, using the TCP/IP Protocol, the Digi-ID™ is installed on the user’s device.

      As stated, the Digi-CA™ offers both of these Methods of Delivery.


Source URL: http://www2.digi-sign.com/digi-ca/digital%20certificate%20delivery

Links:
[1] https://www.digi-sign.com/downloads/download.php?id=digi-ca-pdf
[2] http://www2.digi-sign.com/digi-ca
[3] http://www2.digi-sign.com/digital+certificate
[4] http://www2.digi-sign.com/demos/digi-ca+presentation
[5] http://www2.digi-sign.com/support/digi-ssl/generate+csr