About cryptographic certificates.

What are cryptographic certificates.

Cryptographic certificates as the name suggest are a cryptographic version of paper certificates. Certificates are attestations to facts, these facts can be academic accomplishments, product specifications or activity completion. Most of us have earned a certificate at some point in our life, for instance your highschool diploma is a certificate.

Typically a certificate is issued on a piece of paper which is meant to be tamper proof via the inscription of some insignia, for instance a school's seal. A cryptographic certificate is the digital version of a paper certificate that uses cryptography to ensure its integrity.

notification_important You don't have to know anything about cryptography to use Certisfy!! The app is easy to use and provides simple guides to help you use it.

How certificates are used.

Certificates can be used for just about any scenario where you need to prove the authenticity of information and authenticity of the ownership of that information. You would typically give the certificate to someone whe ask for proof (for instance present to facebook to prove your real name).

The entity you give the certificate to would check to confirm that the certificate is valid and trustworthy. They'll also ask you to prove that you are the owner of the certificate, in other words that you haven't stolen the certificate and trying to use it illegally.

The scenarious to which certificates can be applied are extensive, below are some examples of common use cases.

check Cryptographic drivers license or state ID check Parental proof. check Academic transcript check Authenticate the source of news information to prevent fake news. check Location verification (using cryptographic licenses for instance). check Age verification. check Celebrity Autographs. check Prevent scams on CraigsList. check Prevent e-mail spam.
How do I get a certificate

It's easy, you can make a certificate for yourself! Of course self issued certificates will not be useful to most people. In the same way that you can make your own currency but others won't accept it, it's unlikely that anyone would accept your self issued certificate.

Self issued certificates are for entities that are already trustworthy, for instance, the government that issues currency which is accepted because people trust the government.

Another example of an entity that can issue itself a certificate would be your local police department. That self issued certificate can then be used to issue certificates to police officers and those police officers can use their certificates to issue cryptographic versions of your drivers license or state ID to you.

Any entity that can be considered independently trustworthy can create self issued certificates and use them to issue other certificates. This type of use of a self issued certificate is a delegation of trustworthiness. A police department that uses its self issued certifcate to issue certificates to individual officers is delegating trustworthiness to those officer's certificates.

An entity that can create a self issued certificate and use it to issue trustworthy certificates is called a trust anchor.

There are a lot of entities that can serve as trust anchors, these are mostly organizational entities but they may well be individuals. A lot of government agencies, educational institutions law/judiciary institutions could all serve as trust anchors.

Below are some examples of trust anchors.

check Police departments. check Government agencies, ex DMV, SSA, IRS. check A notary public. check A school, college, university check Any well known person with a website.
How certificate trustworthiness works

The police department is a trusted entity, they can issue themself a certificate. The police officer isn't an independently trustworthy person, he/she gains the public's trust by being affiliated with the police department. So police officers will get their own certificates from their department, just like the badge! A civilian is a random person who cannot be trusted by the public, but if they have a certificate for a cryptographic drivers license or state ID issued by a police officer, it can be considered a trustworthy certificate because it came from a police officer.

Now let's say the certificate the police officer issued to a civilian is a certificate that says the person is a parent of two children; assuming the certificate has the kids name and date of birth, the parent can now issue the kids permission certificates to play fortnite!!

A police officer can use their department issued certificate A random adult claiming to be a parent cannot be trusted (he/she could be a deliquent enabler, like the older friend that used to buy beer for you as a teenager). However if that person has a parental certificate, issued by a police officer, you can trust their certificate. If a kid tries to access fortnite (or any kind of online service (or even IRL service)), the kid cannot issue themselve a certificate(they'll try), but if the certificate they have was issued by a parent using a valid parental certificate, fortnite can accept it!
{{ new Date().getFullYear() }} © All Rights Reserved. Cipheredtrust, Inc