digital certificate (digital ID)

The digital equivalent of an ID card used in conjunction with a public key encryption system. Also called "digital IDs," digital certificates are issued by trusted third parties known as certification authorities (CAs) such as VeriSign, Inc., Mountain View, CA (www.verisign.com) after verifying that a public key belongs to a certain user (company or individual). The certification process varies depending on the CA and level of certification. Drivers licenses, notarization and fingerprints are examples of documentation.

The digital certificate typically uses the X.509 file format and contains CA and user information, including the user's public key (details below). The CA signs the certificate by creating a digest, or hash, of all the fields in the certificate and encrypting the hash value with its private key. The signature is placed in the certificate.

The process of verifying the "signed certificate" is done by the recipient's software such as a Web browser or e-mail program. The software uses the widely known public key of the CA to decrypt the signature back into the hash value. If the decryption is successful, the identity of the user is verified. The software then recomputes the hash from the raw data (cleartext) in the certificate and matches it against the decrypted hash. If they match, the integrity of the certificate is verified (it was not tampered with).

A signed certificate (the digital certificate) is typically combined with a signed message, in which case the signature in the certificate verifies the identity of the user while the signature in the message verifies the integrity of the message contents. The fact that the message is encrypted ensures privacy of the content.

I think this is what you are referring to.

this is what I understand in this context