buscar

Advanced electronic signature services
Secure and confidential electronic transactions

HomeCompanyCertification AuthorityFrequently Asked Questions

Certification Authority

Frequently Asked Questions

What is an electronic certificate?

A document signed electronically by a certification services provider that links signature verification data to a signer and confirms their authenticity. A Certificate Services provider such as Edicom identifies the public key of the certificate with its owner and makes it known to all those wishing to contact them. The certificate’s private key is only known to its owner.

What is an electronic certificate for?

It lets you identify the parties in an electronic communication and exchange encrypted information to ensure data confidentiality and sign documents electronically to prove the integrity and source of the information.

What is the role of a Certification Authority?

A Certification Authority is a body authorized by the public administration to issue electronic certificates and assume responsibility for ensuring the veracity of the data in the digital certificate. EDICOM is an accredited Certification Authority for Europe and Mexico.

What is asymmetric or single key encryption?

A cryptography system to encrypt data with a key, which must likewise be used to decrypt them.

What is asymmetric or public key cryptography?

In this system there are 2 keys:

  • One private key for data entry, known only to the certificate holder;
  • Another public key, which is given out and allows decryption of the data. The key pairs issued work in such a way that only the information encrypted by the private key can be decrypted by the public key and vice versa.

This way, messages encrypted with the private key may be decrypted by the public key, allowing accreditation of document authenticity and originality.

Similarly, data encrypted with the public key can only be decrypted with the private key, ensuring confidentiality in communications with the certificate holder, as the only one with said key.

What types of certificates are available?

There are several types of certificates depending on the use to be made of them and the security level inherent in the communications. There are recognised signature certificates on secure devices which call for the use of a device such as a cryptographic card where the key information is kept. Likewise, there are certificates on software supports which may be acknowledged or not, and which may be installed directly in a terminal with no need for cryptographic cards or additional software.

What is an acknowledged certificate?

A certificate which demands accreditation of the physical or legal person from the authority responsible for issuing the electronic certificate. In this type of certificate the holder’s identity is checked with the Certification Authority, which responds to third parties for the holder's authenticity.

What is an electronic signature?

A dataset associated with a message that ensures the signer's identity and message integrity.The signature process uses asymmetric or public cryptographic techniques.

What does revoking a certificate mean?

It means cancelling its validity prior to the expiry date. Revocation may be requested at any time, particularly when the holder thinks that their private keys may be known to others, taking effect as of the revocation date that figures along with the certificate serial number in a document signed and published by the Certificated Authority.

What is a CRL?

A CRL or Certificate Revocation List is a directory where all the certificates that have been revoked or suspended prior to their expiry date by the Certification Authority are published. CRL lists are stored in a public repository accessible to all EDICOM Certification Authority users.