Copyright Goodheart-Willcox Co., Inc. 457 Chapter 15 Network Security

data such as the user’s name and e-mail address, the public key value assigned to the user, the validity period of the public key, and issuing authority identifier information.

The encryption/decryption process is demonstrated in Figure 15-11. Suppose Station1 wants to send an encrypted message to Station2. Station1 applies for a digital certificate from a CA. The CA issues a digital certificate, which contains the user’s public or private key and security identification information known only to Station1 and the CA. Station1 uses the private key to encrypt the message. Station1 can now send a message to Station2. When Station2 receives the message, it uses the public key to decode the encrypted message. If Station2 sends an encrypted reply to Station1 using the public key, Station1 will decode the reply using the private key.

Figure 15-10. The CA issues a private key to the private key owner and then issues public keys to public key users approved by the private key owner. (Diagram labels: Certificate Authority (CA); Private key owner; Public key users. Private key owner must approve all public key holders before public keys can be used by the CA.) Goodheart-Willcox Publisher

Figure 15-11. Station1 applies for and receives a digital certificate from the CA. Station2 uses the public key provided by the CA to decode the message and to verify the sender is really Station1. After verifying and receiving the message from Station1, Station2 can send an encrypted reply to Station1. (Diagram labels: Certificate authority issues the encrypted digital certificate. Station1 applies for a digital certificate from the CA before sending a message to Station2. Station2 obtains a public key from the CA to decode the message from Station1. Station1; Station2; Internet.) (workstation icons) RedlineVector/Shutterstock.com; (server icon) fullvector/Shutterstock.com; Goodheart-Willcox Publisher

DigiCert is one of the largest commercial digital certificate companies in the world. A certificate from DigiCert can be obtained by applying for one at their website. Figure 15-12 shows a DigiCert security certificate. The list of protection services offered by this particular certificate is visible to the user. In Figure 15-13, some of the details about this certificate can be seen. Looking closely, a user can see the validity period of the certificate, the particular algorithm used, and the length of the public key, which is 2048 bits.
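The Station1/Station2 exchange of Figure 15-11 can be traced in code. The following is an added example, not taken from the textbook: it uses textbook RSA with small fixed primes (a teaching toy, far below the 2048-bit key mentioned above), models the "encrypt with the private key" step as a signature over a SHA-256 digest, and assumes Station1 generates its own key pair while the CA signs only the public half. All function names and sample values are constructed for illustration.

```python
import hashlib

E = 65537  # public exponent used by both toy key pairs

def keypair(p, q):
    """Textbook RSA: return (public, private) as ((n, e), (n, d))."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, priv):            # private-key operation
    return pow(digest(data, priv[0]), priv[1], priv[0])

def verify(data, sig, pub):      # public-key operation
    return pow(sig, pub[1], pub[0]) == digest(data, pub[0])

def cert_body(c):
    return f"{c['subject']}|{c['pub'][0]}|{c['pub'][1]}|{c['not_after']}".encode()

def issue_cert(ca_priv, subject, pub, not_after):
    """CA binds a name, a public key and a validity period, then signs them."""
    cert = {"subject": subject, "pub": pub, "not_after": not_after}
    cert["sig"] = sign(cert_body(cert), ca_priv)
    return cert

def check_cert(cert, ca_pub, today):
    """Station2's check: CA signature is valid and the certificate is not expired."""
    return verify(cert_body(cert), cert["sig"], ca_pub) and today <= cert["not_after"]

def encrypt(msg, pub):           # reply: anyone holding the public key can encrypt
    return pow(int.from_bytes(msg, "big"), pub[1], pub[0])

def decrypt(ct, priv):           # only the private key owner can read the reply
    m = pow(ct, priv[1], priv[0])
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def demo():
    # Constructed sample keys from small Mersenne primes; ISO dates compare as strings.
    ca_pub, ca_priv = keypair(2**89 - 1, 2**61 - 1)
    s1_pub, s1_priv = keypair(2**127 - 1, 2**107 - 1)
    cert = issue_cert(ca_priv, "Station1", s1_pub, "2030-12-31")
    msg = b"hello Station2"
    sig = sign(msg, s1_priv)
    cert_ok = check_cert(cert, ca_pub, "2025-01-01")
    msg_ok = verify(msg, sig, cert["pub"])
    tampered_ok = verify(b"hello Station3", sig, cert["pub"])
    renamed_ok = check_cert(dict(cert, subject="Station9"), ca_pub, "2025-01-01")
    reply = decrypt(encrypt(b"ack from Station2", cert["pub"]), s1_priv)
    return cert_ok, msg_ok, tampered_ok, renamed_ok, reply

if __name__ == "__main__":
    print(demo())
```

Changing one byte of the message or one field of the certificate makes the corresponding check fail, which is what lets Station2 trust both the sender's identity and the key it replies with.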