42.3. Certificates

Certificates extend the concept of public and private keys. In a certificate, the public key is digitally signed by a certification authority (abbreviated CA). In larger systems, this enables a remote system to use the digital signature to determine whether a key is valid without the key itself having been installed beforehand.

For the Intra2net system, such a certification authority generally offers few advantages. Nevertheless, the Intra2net system consistently uses the X.509 certificate standard, which has become established in practice in place of simple public/private key pairs.

To simplify operation, the Intra2net system normally generates self-signed certificates, in which the holder (called the subject) is also the certificate issuer. No additional steps are therefore necessary to use certificates. External certification authorities can, of course, also be used.
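
The following script is an added example, not part of the Intra2net documentation or product. It shows how to tell a self-signed certificate (subject equals issuer, signature made with its own key) from a CA-issued one using the openssl command-line tool; the host names, CA name and file names are constructed for illustration.

```bash
#!/bin/sh
# Added example (not Intra2net code): tell a self-signed X.509 certificate
# from a CA-issued one with the openssl command-line tool.

# Print the subject or issuer DN of a PEM certificate in RFC 2253 form.
cert_field() {   # $1 = PEM file, $2 = subject | issuer
    openssl x509 -in "$1" -noout "-$2" -nameopt RFC2253 | sed "s/^$2= *//"
}

# Succeed only if issuer == subject AND the signature verifies under the
# certificate's own public key.
is_self_signed() {   # $1 = PEM file
    [ "$(cert_field "$1" subject)" = "$(cert_field "$1" issuer)" ] || return 1
    # Matching names alone prove nothing; -check_ss_sig makes openssl verify
    # the self-signature, a check it skips by default.
    openssl verify -check_ss_sig -CAfile "$1" "$1" >/dev/null 2>&1
}

# Create constructed sample certificates in directory $1: self.pem is
# self-signed, leaf.pem is issued by the throwaway CA in ca.pem.
make_samples() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=gateway.example.test" \
        -keyout "$1/self.key" -out "$1/self.pem" 2>/dev/null
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Example Test CA" \
        -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null
    openssl req -newkey rsa:2048 -nodes -subj "/CN=peer.example.test" \
        -keyout "$1/leaf.key" -out "$1/leaf.csr" 2>/dev/null
    openssl x509 -req -in "$1/leaf.csr" -days 1 -CA "$1/ca.pem" \
        -CAkey "$1/ca.key" -CAcreateserial -out "$1/leaf.pem" 2>/dev/null
}

# Classify each sample and print the result.
demo() {
    dir=$(mktemp -d)
    make_samples "$dir"
    for c in self ca leaf; do
        if is_self_signed "$dir/$c.pem"; then
            echo "$c.pem: self-signed"
        else
            echo "$c.pem: issued by $(cert_field "$dir/$c.pem" issuer)"
        fi
    done
    rm -rf "$dir"
}
demo
```

A self-signed certificate carries no third-party assurance, so the remote side has to receive and install it over a trusted channel before relying on it.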