r

Security: Digital Certificates on RedCorp e-Store

RedCorp e-Store is secured with Belgacom E-Trust High Grade Server Certificate (SSL):

Secure Server Certificate (SSL) that guarantees authentic and secure communications with servers in the context of E-commerce for example. It allows a high level of guarantee due to the required presence of the server responsible during registration.

For your first order on RedCorp e-Store, you will receive a message asking you confirmation for the use of the Belgacom E-Trust Certificate. Simply accept the certificate to complete your secure order.

High Grade:

This certificate provides the highest level of guarantee of correct authentication since the physical presence of either a legal representative or the webmaster of the applying company is required at a Local Registration Authority (LRA).

Description:

Face-to-face requested certificate providing high level of guarantee for the binding between a "Server" identity and its public key. It certifies the belonging of the certificate server to a company or organisation.

Usage:

  • You can ensure confidential and secure communications between your server and your customers who will have the assurance of your identity while implementing secure server-brower SSL sessions (or TLS). When connecting on or communicating with a Digitally Certified Server, browsing users can check out the certified identity of the server and its certified belonging to a company.
  • Your server can also require that the browsing users have a digital certificate for mutual authentication
  • You will need a High Grade Server certificate when using digital certificate based security solutions to enable your server to implement digital signatures and/or encryption while sending sensitive information to other servers or applications. Such security solutions are available from Belgacom E-Trust, check out our Belgacom E-Trust Crypto Server Module and our Belgacom E-Trust Secure Web-Forms solution.

The concept: How does it work ?

Security solutions using digital certificates rely on public key cryptography in which each user has a pair of cryptographic keys: one private key that is kept private by the user, and one related public key widely made public.

A Digital Certificate is a digitally signed statement that certifies the binding between the owner’s identity information and his/her electronic public key.

This certified public key can be used to encrypt confidential information to the certificate owner and/or to verify digital signatures generated by the certificate owner. The certified public key is linked to the private key of the certificate owner in such a way that:

  • A digital signature is computed from the message and the private key of the signer. It is a small size coded file appended to the signed message. Verification of a digital signature involves the certified public key of the signer. If the check succeeds, the recipient is convinced about its origin and has the guarantee that nothing has been modified in the message since the signature process.
  • Confidentiality is obtained from the ciphering of the message with the certified public key of the recipient. The only way to decrypt a ciphered message is to use the corresponding private key that is supposed to be known only to the certificate owner.

Digital certificates provide thus solid assurance that a public key actually belongs to the right entity whose identity has been certified by a Certification Authority, a known trusted third party, which controls and confirms the accuracy of the binding between a public key and its legitimate owner.

Digital certificates are the Internet passports that prevent you to disclose confidential information to unauthorised persons, and/or to accept an imposter’s digital signature as authorisation for a critical electronic business transaction.

Belgacom E-Trust Digital Certificates

Digital certificates are the Authentication tools that are used to secure all your Internet activities, e.g., web browsing, personal or professional secure messaging, access control to personal, private, confidential or financial information, to secure on-line commercial transactions of all kinds over the Net, and to secure any Web-based Browser-Server application. Belgacom E-Trust Certification Authority delivers different types of certificates depending on

  • the identity of the certificate owner: either an individual (person) with a "citizen" (personal) identity or a "business" (professional) identity, or an SSL Server;
  • the required assurance level: high level of assurance requiring personal presence during registration (High Grade), or medium level of assurance allowing users to register on-line via Web or E-mail interface.


©RedCorp 2002
webmaster@redcorp.com