How do digital certificates prove the identity of a device?

Posted by StackedCrooked on Stack Overflow See other posts from Stack Overflow or by StackedCrooked
Published on 2010-04-23T19:45:06Z Indexed on 2010/04/23 20:03 UTC
Read the original article Hit count: 191

Filed under:

certificate

I understand how the relation between issuer and subject certificates enables verification of the subject's authenticity. If I connect to a networked device, and it sends me its certificate to identify itself, then I can verify that it was issued by a trusted party and that it has not been tampered with in any way. However, suppose I simply upload this certificate onto another device. Then what prevents me from having this device identify itself with the copied certificate?

Related posts about certificate

IIS SSL Certificate Renewal Pain

as seen on West-Wind - Search for 'West-Wind'
I’m in the middle of my annual certificate renewal for the West Wind site and I can honestly say that I hate IIS’s certificate system. When it works it’s fine, but when it doesn’t man can it be a pain. Because I deal with public certificates on my site merely once a year, and you have to perform… >>> More
apache Client Certificate Authentication errors: Certificate Verification: Error (18): self signed certificate

as seen on Server Fault - Search for 'Server Fault'
So I have been following instructions on setting up Client Certificate Authentication in Apache2 w/ mod_ssl. This is solely for the purpose of testing an application against CAA, not for any sort of production use. So far I've followed http://www.impetus.us/~rjmooney/projects/misc/clientcertauth… >>> More
Nginx and client certificates from hierarchical OpenSSL-based certification authorities

as seen on Server Fault - Search for 'Server Fault'
I'm trying to set up root certification authority, subordinate certification authority and to generate the client certificates signed by any of this CA that nginx 0.7.67 on Debian Squeeze will accept. My problem is that root CA signed client certificate works fine while subordinate CA signed one results… >>> More
How to find, whether the certificate is a private certificate or a public certificate

as seen on Stack Overflow - Search for 'Stack Overflow'
I have to write a MSI, where in i have to give only the public certicate. In case the user gives a private certificate, it should pop up an error message. >>> More
Developer certificate vs purchased certificate for WCF

as seen on Stack Overflow - Search for 'Stack Overflow'
I understsand that if I want to use authentication in WCF then I need to install a certificate on my server which WCF will use to encrypt data passing between my server and client. For development purposes I believe I can use the makecert.exe util. to make a development certificate. What is the… >>> More

Developer IT

How do digital certificates prove the identity of a device? - Developer IT

How do digital certificates prove the identity of a device?

certificate

Related posts about certificate

IIS SSL Certificate Renewal Pain

apache Client Certificate Authentication errors: Certificate Verification: Error (18): self signed certificate

Nginx and client certificates from hierarchical OpenSSL-based certification authorities

How to find, whether the certificate is a private certificate or a public certificate

Developer certificate vs purchased certificate for WCF

Categories cloud