tags:

views:

274

answers:

2
Q: 

What is the difference between signing Certificate and Encryption Certificate?

What is the difference between between signing certificate and encryption certificate?

I see that signing certificate cannot be used for encrypting the data only encryption certificate. What is the technical difference? Does both have public key and private or only encryption cert will have PP key?

A: 

The only difference is the value of the purpose field in the certificate. The issuer of the certificate chooses for what purpose the certificate is created.

Richard  2009-09-15 09:05:22
I acknowledge your answer with thanks.But how does the value or attribute limits the functionality of the certificate? Encyrption certificate will not be used for signing and siging for encryption? when we have both public key and private in both certs how will it be limited?
 2009-09-15 09:09:54
The certificate says what it can be used for. The applications doing the signing and verifying check the purpose field. If you wrote your own tool chain you could ignore that field --- but would give errors for anyone else. There is nothing in the underlying signing algorithm that is changed by the purpose (which converts a byte stream into another array of bytes).
Richard  2009-09-15 10:28:03
A: 

A certificate contains only the public certificate. Nothing can stop you from using the private key for whatever things you want to do with it.

As said before, a certificate is for the other party to deal with - after you have signed or encrypted something, the other party needs to make the decision if it is happy with it. It then checks the certificate and its flags to make sure it could be used for the operation, under the policy set for the other party.

martin  2009-11-07 14:26:15

related questions

How to set up SSL in a load balanced environment?
Infrastructure required for a large Scale PHP Project
How do VoIP services connect to landlines?
SharePoint Infrastructure Update Authentication Issues
What are the most important infrastructure components in large-scale development?
Why is it not advisable to have the database and web server on the same machine?
Keeping applications and infrastructure connected
Existing Server Storage Management Software Solutions?
Architecture recommendation for load-balanced ASP.NET site
Best infrastructure for a situation
Best way to organize a subversion repository of many small projects
If a site has 2 load balancers for redundancy reason, which one should the DNS points to?
Whats the best SAP ERP infrastructure architecture?
How to dynamically create sub-domains with different IP than the original domain correctly and efficiently?
What's the best solution for file storage for a load-balanced ASP.NET app?
What's most important when you need to establish a software development infrastructure in your company?
What are the minimum security precautions to put in place for a startup?
Benefits and Hindrances of Regular Server Reboots
Working around development constraints in customer policy
Sharing data between remote locations
Server farm Shutdown
Best way of using Scrum and Sprint for Infrastructure improvement
Creating a stage environment on network with port 80 blocked
Infrastructure for a software project
book on... System Archaeology