The x.509 certificate can be used for many purposes, such as: electronic signature, two factor authentication, client authentication, email signing and encryption and many other applications.

The Signature Algorithm uses RSA and DSA and as these algorithms are always used in conjunction with a one-way hash function, the following hash functions can be applied:

• MD2 (not in common use anymore)
• MD5
• SHA-1
• SHA-256 (Digi-CA™ Server only)
• SHA-512 (Digi-CA™ Server only)

The Signature Key generation algorithms use RSA and DSA (Digi-CA™ Server only).

The Digi-CA™ system is a complete system containing all of the necessary Operating System [OS], modules, directories and engines required to operate a fully functional CA system. For the technical specifications of the software, refer to the Digi-CA™ Administrator Manual.

Almost every Digi-CA™ installation has one or more customised features added to the system to meet the customer’s specific requirements. The requirements range from overall certificate management and control, to system integration, automation and/or accounting requirements.

You can own and operate a Digi-CA™ system without ever putting in place any statutory documents or standards compliance and many organisations because their application is commercial and doesn’t need third part accreditation. ‘Best Practice’ means you should consider having a CP and we would recommend the following:

• Certificate field configuration (see below)
• CP certificate Policy document (see Appendix II)
• Digi-CA™ referencing the CPS (optional)

As a business tool, email is the easiest one to manipulate and alter. Once sent, the information is extremely easy to intercept and copy whilst en-route. The best way to protect email is with Digi-Mail™.

Digi-Access™ Service is the simple to deploy and manage two factor authentication secure access method that can’t be compromised. In most cases, the issuing and management of the Digi-Access™ Service is simpler than administering a database of usernames and passwords. There are no specialist skills needed to incorporate it into your system(s) as most IT