ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzahu_5.4.0.1/rzahudigsig.htm

87 lines
6.2 KiB
HTML

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Digital signatures" />
<meta name="abstract" content="A digital signature on an electronic document or other object is created by using a form of cryptography and is equivalent to a personal signature on a written document." />
<meta name="description" content="A digital signature on an electronic document or other object is created by using a form of cryptography and is equivalent to a personal signature on a written document." />
<meta name="DC.Relation" scheme="URI" content="rzahurzahu4abunderstanddc.htm" />
<meta name="DC.Relation" scheme="URI" content="rzahurzahu02mcertificateauthority.htm" />
<meta name="DC.Relation" scheme="URI" content="rzahurzahu0cmcryptogco.htm" />
<meta name="DC.Relation" scheme="URI" content="rzahukeypair.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="dig_sig" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Digital signatures</title>
</head>
<body id="dig_sig"><a name="dig_sig"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Digital signatures</h1>
<div><p>A digital signature on an electronic document or other object is
created by using a form of cryptography and is equivalent to a personal signature
on a written document.</p>
<p>A digital signature provides proof of the object's origin and a means by
which to verify the object's integrity. A digital certificate owner "signs"
an object by using the certificate's private key. The recipient
of the object uses the certificate's corresponding public key to decrypt the
signature, which verifies the integrity of the signed object and verifies
the sender as the source.</p>
<p>A Certificate Authority (CA) signs certificates that it issues. This signature
consists of a data string that is encrypted with the Certificate Authority's
private key. Any user can then verify the signature on the certificate by
using the Certificate Authority's public key to decrypt the signature. </p>
<p>A digital signature is an electronic signature that you or an application
creates on an object by using a digital certificate's private key. The digital
signature on an object provides a unique electronic binding of the identity
of the signer (the owner of the signing key) to the origin of the object.
When you access an object that contains a digital signature, you can verify
the signature on the object to verify the source of the object as valid (for
example, that an application you are downloading actually comes from an authorized
source such as IBM<sup>®</sup>).
This verification process also allows you to determine whether there have
been any unauthorized changes to the object since it was signed.</p>
<p><span class="uicontrol">An example of how a digital signature works</span></p>
<p>A software developer has created an <span class="keyword">i5/OS™</span> application
that he wants to distribute over the Internet as a convenient and cost-effective
measure for his customers. However, he knows that customers are justifiably
concerned about downloading programs over the Internet due to the increasing
problem of objects that masquerade as legitimate programs but really contain
harmful programs, such as viruses. </p>
<p>Consequently, he decides to digitally sign the application so that his
customers can verify that his company is the legitimate source of the application.
He uses the private key from a digital certificate that he has obtained from
a well-known public Certificate Authority to sign the application. He then
makes it available for his customers to download. As part of the download
package he includes a copy of the digital certificate that he used to sign
the object. When a customer downloads the application package, the customer
can use the certificate's public key to verify the signature on the application.
This process allows the customer to identify and verify the of the application,
as well as ensure that the contents of the application object has not been
altered since it was signed.</p>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzahurzahu4abunderstanddc.htm" title="View this information to better understand what digital certificates are and how they work. Learn about the different types of certificates and how you can use them as part of your security policy.">DCM concepts</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="rzahurzahu02mcertificateauthority.htm" title="A Certificate Authority (CA) is a trusted central administrative entity that can issue digital certificates to users and servers.">Certificate Authority (CA)</a></div>
<div><a href="rzahurzahu0cmcryptogco.htm" title="Use this information to learn what cryptography is and how digital certificates use cryptographic functions to provide security.">Cryptography</a></div>
<div><a href="rzahukeypair.htm" title="Every digital certificate has a pair of associated cryptographic keys that consist of a private key and a public key.">Public-private key pair</a></div>
</div>
</div>
</body>
</html>