An introduction to digital certificates

What can you do with a digital certificate?

A digital certificate (also known as a digital ID) allows its owner to digitally sign or encrypt emails.

Digital signatures

A digital certificate can be used to create a digital email signature which proves to the recipient that it came from your email address and that no one has tampered with it in transit. If the digital certificate includes your name then the digital signature also proves that the email came from you as an individual. For official correspondence, this sort of assurance is very valuable.

Some software applications allow you to use a digital certificate to apply a digital signature to documents you have created or approved. For instance, OpenOffice.org 3 lets you digitally sign documents (though make sure you finish editing a document before signing it, as any change at all will invalidate the signature) and Adobe Acrobat X has sophisticated support for signing documents with digital certificates.

Email encryption

If you have a digital certificate for an email correspondent, you can use their certificate to encrypt the email you send to them. Once you have used a digital certificate to encrypt a message, only the owner of that digital certificate will be able to decrypt and read the message. Encryption makes it impossible for the message to be read by anyone who intercepts it in transit. This is critically important when sending sensitive documents such as personal details, financial details, and legal documents.

How does a digital certificate work?

A digital certificate consists of a public key and a private key. The public key can be safely shared and is sent out to people as part of signed email. The private key must be kept safe by the owner of the digital certificate, and the owner must make sure no one else is ever able to access the private key. These keys are in fact just huge prime numbers which can be used in combination to sign or encrypt messages in a process known as public-key cryptography.

When a message (be it an email or a document) is digitally signed, the owner's private key is used to calculate the message signature. Then the public key, of which the owner's correspondents have a copy, can be used to check that the message signature is authentic.

When a message is encrypted, the recipient's public key is used to scramble the message, so that only the recipient can decrypt it by using their private key.

Why are digital certificates necessary?

When you send an email across the internet, it will pass through several servers on its way to the recipient. For instance, the email has to pass through one or more servers belonging to your internet service provider, and each recipient's provider. If a rogue agent gains access to these servers, either by working for the provider company or by hacking into the company systems from outside, then they can intercept email passing through the servers. This allows the intruder to read and modify email messages that are sent without security.

Digitally signing an email stops anyone tampering with it, because any tampering will break the signature, and the recipient's mail software will not show the message as having a valid signature once it arrives. Encrypting an email stops an interceptor from reading it, as they won't have the owner's private key which is needed to decrypt the message. Note that the subject line of an email message is never encrypted, so sensitive details must not be put into any email subject line. (In fact no header fields in an email get encrypted, only the message body itself.)
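To make the point about unencrypted header fields concrete, here is an added example (not part of the original article) that parses a constructed encrypted message the way a mail server would see it and lists what remains readable. The sample message, the function names and the six-digit rule for spotting account-like numbers are assumptions made for illustration.

```python
import re
from email import message_from_string

# Constructed sample: an S/MIME-encrypted message as stored on a mail server.
# The base64 body is a placeholder, not real ciphertext.
RAW_MESSAGE = """\
From: alice@example.com
To: bob@example.com
Subject: Loan application - account 12345678
Date: Mon, 06 Jan 2025 10:15:00 +0000
MIME-Version: 1.0
Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name="smime.p7m"
Content-Transfer-Encoding: base64

cGxhY2Vob2xkZXI=
"""

ENCRYPTED_TYPES = {"application/pkcs7-mime", "application/x-pkcs7-mime"}


def interceptor_view(raw: str) -> dict:
    """Return what someone with access to the server can still read."""
    msg = message_from_string(raw)
    encrypted = (
        msg.get_content_type() in ENCRYPTED_TYPES
        and msg.get_param("smime-type") == "enveloped-data"
    )
    headers = {name: msg[name] for name in ("From", "To", "Subject", "Date")}
    return {"body_encrypted": encrypted, "readable_headers": headers}


def sensitive_subject_terms(subject: str) -> list:
    """Flag long digit runs (account or card-like numbers) in a subject line."""
    return re.findall(r"\d{6,}", subject)


if __name__ == "__main__":
    view = interceptor_view(RAW_MESSAGE)
    print("Body encrypted:", view["body_encrypted"])
    for name, value in view["readable_headers"].items():
        print(f"Readable {name}: {value}")
    leaked = sensitive_subject_terms(view["readable_headers"]["Subject"])
    print("Sensitive terms in subject:", leaked)
```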

How do I get a digital certificate?

There are two ways to get a digital certificate: buy from a trusted company or create your own.

Buying from a trusted CA

A trusted certificate authority (or CA) is a company that sells digital certificates which are recognised by the majority of web browser and mail client software. This means that the certificates they sell are immediately trusted as valid by software such as Firefox, Internet Explorer, Outlook, and Thunderbird. If you buy from a CA which is not recognised by the software that you or a recipient use, then the software will likely warn that the certificate cannot be verified as authentic. Then you have to manually verify the certificate (which can be difficult) and tell your software to trust it.

For this reason, it makes sense to purchase certificates from a trusted CA. Web browsers and mail clients come with a list of CAs which they trust, and you can usually see this list. For instance, in Thunderbird go to the "Edit" menu, then "Preferences". In the preferences window, select the "Advanced" icon and then the "Certificates" tab. Click the "View Certificates" button and then the Certificate Manager will appear. Click on the "Authorities" tab and you will be shown a list of certificate authorities which Thunderbird trusts. Before you buy a certificate from a CA, make sure to check that your mail client, and the mail clients of your typical recipients, recognise and trust that CA.

If you want your name or company name to be written into the digital certificate, thus proving your identity to email recipients, a decent CA will require you to prove your identity to them. This might involve sending them identity documents, or turning up in person to meet with a notary who can verify that you are who you say. This will cost more than a simple digital certificate (which carries only your email address) but the extra cost may be worthwhile if you regularly need to conduct online business.

Self-signed certificates

You can create your own self-signed certificates (where you act as your own certificate authority) and use these for email signing and encryption. The method for doing this varies between operating systems and mail clients. However, because you are not a trusted CA, the mail client software used by your recipients will warn that your self-signed certificate cannot be verified as authentic.

For this reason, it's not recommended to use self-signed certificates unless you know the recipient well, and they know how to verify that the certificate is authentic. Note that simply emailing a new self-signed certificate to someone is not secure, because the recipient won't know whether someone has tampered with the certificate in transit. This is why a trusted CA is recommended: they digitally sign your certificate so that mail clients can automatically verify with the CA that the certificate is authentic.

How do I use a digital certificate?

Installing a new certificate

Once you've purchased a digital certificate from a trusted CA you will be given instructions on how to download it from the CA's website. Usually this involves logging into an online account you've created with that CA and then visiting a certificate download page. To download the certificate successfully, you need to be using a supported web browser (the latest versions of major browsers such as Firefox, Opera and Internet Explorer ought to be fine, but check the requirements on the CA's website). Once you trigger the download, your web browser will fetch the digital certificate, and may even be involved in calculating your public and private key values. Then the browser will store the new certificate, and may ask you to create a master password for the safe keeping of your private key.

I strongly recommend you use a strong password to protect your digital certificates. If you don't use a password, or if you choose a short, obvious, or easy-to-guess password then you leave yourself at risk of having your private key stolen. And if someone else has your private key they can digitally sign emails and documents in your name, and decrypt private messages encrypted with your public key. So the security of your digital certificates must be taken very seriously.

Often the digital certificate vault used by your web browser will be available to your mail client. For instance, Mozilla Firefox shares a certificate manager with Mozilla Thunderbird (so long as you know the master password). And Microsoft Windows has a system that shares digital certificates between Internet Explorer, Outlook, and so on. But if this is not the case, you can tell your web browser to export or back up your new digital certificate (using a strong password for protection) and then import it into your mail client.

Using the certificate to secure email

Once your digital certificate is installed in your mail client, you can usually sign an email by just clicking on a menu option or toolbar button. In Thunderbird you just click on the "Security" drop-down (the little down arrow) on the toolbar and select "Digitally Sign This Message".

To encrypt an email message you need to have a digital certificate belonging to each intended recipient. Your mail client may automatically store the digital certificate for each person who has sent you a signed email message, or you may have to manually choose to store each certificate you receive from correspondents. You will probably also have to have a digital certificate of your own, as mail clients such as Outlook and Thunderbird do not allow you to encrypt an email message without also signing it with your own certificate. (Otherwise someone could modify the encrypted message in transit and the lack of a signature would make it impossible to detect such tampering.)

How long does a digital certificate last?

Most digital certificates are valid for a year or two. This is partly because each trusted certificate authority wants to guarantee a regular income, but also because it's never safe to assume that a security object such as a password or digital certificate will never be compromised. Changing digital certificates regularly stops a stolen certificate being indefinitely useful.

Once a digital certificate has expired, it is no longer trusted. This means that old email signed by an old certificate is no longer trusted, as your mail client will warn you that the certificate used to sign the email has been revoked by the CA.

If you have received encrypted email messages then bear in mind that if you delete old certificates once they have expired, you will no longer be able to decrypt messages which require the old certificate. Make sure you save unencrypted copies of valuable email messages if you don't want to risk losing the ability to read them.

You can also have one of your certificates revoked early if you suspect that it has been stolen by an intruder (by malware on your PC, for instance). Mail clients and web browsers are usually configured to check whether a certificate is still valid, so that a certificate which is revoked should no longer be accepted.

Adoption of digital certificates

About eight years ago I joined the Thawte Web of Trust, a system which offered members the ability to get their identity verified by established members. As a new member you would head into town to meet existing members and they would check that you matched the photo on your passport, then they would log in to Thawte's system to assert your identity. Once you'd been verified by enough members you could log in to Thawte's system and generate digital certificates which carried your full name. If you had your identity verified by enough members, you then gained the ability to verify the identity of new members.

I thought that the Thawte Web of Trust, which was completely free, was a fantastic system. Sadly it was discontinued in 2009, probably due to the cost of giving away free digital certificates. I can't say that I'm entirely surprised that it's gone, but what does surprise me is that digital certificates still haven't been adopted more widely.

The average PC user may read this page and decide that they have no need for a digital certificate of their own, so it's not wholly surprising that most people have little or no knowledge of email signing and encryption. But it does seem strange that big companies are not using digital certificates to secure their email messages.

Most email scams rely on the average user being unable to tell whether or not an email is from who it claims to be. If every serious company used digital email signing, which they could do very easily, then users would simply have to check that the email was digitally signed by their bank, card company, tax office, social networking site, etc.

It also surprises me that digital signatures have not become more prominent in business transactions. Possibly this is because of uncertainty about whether or not a cryptographic digital signature is legally binding, and the answer to this will vary from one country to another (and possibly from one court room to another). I certainly feel that it's time that documents signed by a digital certificate should be legally binding, because an email signed by a digital certificate (issued by a trusted certificate authority) offers far stronger proof of acceptance than an electronic scan of an ink-signed piece of paper. Graphic signatures can be easily copied and pasted from document to document, making them worthless. But a digital signature is calculated from the specific message to which it is attached, and it is impossible to copy it to another document without making it invalid.

My guess is that use of digital certificates will become increasingly common, but it's taking longer than I expected when I first joined the Web of Trust all those years ago.