Ingeo Education Series
Digital Certificates and Certificate Authorities

To some people, trust and security might seem like contradictory terms. We implement security measures—locks on doors, guards in lobbies, encryption on computer files—to serve as barriers to people we don't trust. In the business of Internet commerce, though, security measures actually create trust. The public, volatile nature of the Internet has made many people hesitant to use this global network as a tool for business.

Since business solutions like Ingeo's Electronic Recording System use the Internet as the prime mode of communication, it is essential that all parties trust each other—and trust the system. One of the most useful methods for providing trust and security for digital documents is the digital signature. In order to create a digital signature, it is first necessary to obtain a digital certificate.

A digital certificate is an electronic identity card that empowers its holder to create digital signatures that can be reliably trusted by others. A digital certificate is accompanied by special encryption keys that help create and validate digital signatures. The certificate and its corresponding keys are sometimes referred to as a digital ID.

Digital certificates are issued by certificate authorities (CAs). CAs are companies that act as the ultimate source of authentication for digital documents, similar to passport agencies or the local DMV in the paper world. The digital certificate is the linchpin of trust for the digital document industry. Even if we don't fully comprehend the technology involved, we can understand the basic mechanisms of digital documents by comparing them to the paper standard.

Documents: medium and content

From the Mayflower Compact to the Declaration of Independence, and up through the new millennium, this country has thrived on documents created on paper and signed with ink. Documents change people's lives—that is why they are so important to us.

Documents are much more than the sum of ink and paper. There is little physical difference between your last will and testament and a photocopied flyer for a quick weight loss program left on your windshield at the mall. But the will might be kept in a fireproof safe, while the ad is likely to be thrown in the recycling bin without a second thought. What makes a document important is not the medium, but the content.

A legal document is carefully worded, signed and witnessed, and establishes a specific state of affairs. The agreement might involve money, property, business, or personal matters—or a combination of any of these. While the carefully typed or printed text of the document is important, it's not nearly as important as the handwritten scrawl that makes the document "real."

Signatures: ceremony and security

Signatures are interesting things. Sometimes simple, often quite elaborate, they serve as both stamps of approval and security devices. This two-part nature of signatures makes them almost sacred in our culture.

The act of signing a document is essentially ceremonial. When you memorialize an agreement with a signature, you acknowledge your assent to the words in the document. Whether the document is a marriage license, a lien waiver, or a check for the phone bill, a signature allows you and others to reference and reinforce the agreement. When signed, a document is said to be executed, meaning that it is in full force and effect.

The security aspect of signatures is often overlooked and generally misunderstood. Handwritten signatures are used because they are easy to create, but relatively difficult to fake. A person's idiosyncratic signing style varies slightly from signature to signature, discouraging the "copy and paste" method of forgery. In spite of these differences, document forensics can be used to establish that different signatures came from the same person.

The essential goal of a signature is nonrepudiation. According to the Institute for Telecommunication Sciences (ITS, a branch of the U.S. Department of Commerce), nonrepudiation is "the capability, in security systems, that guarantees that a message or data can be proven to have originated from a specific person." [1] Nonrepudiation protects all parties to an agreement.

For example, if Dick agrees to sell his 1973 Gremlin to Jane for $47, both have an interest in making sure the terms are set in a written agreement. There is always a possibility that an agreement could be disputed. Dick could claim that Jane forged his signature to get a great deal on a classic car. Or, Jane could claim that she never agreed to buy the Gremlin; she could say Dick is trying to unload the car and extort $47 from her. The signatures on the sales agreement prevent either Dick or Jane from disputing the document—at least theoretically.

In reality, wet signatures provide only moderate protection for paper documents. Conclusively validating a paper document and its signature requires an expert document examiner. This is the reason for the additional elaborate safeguards—witnesses, notaries, watermarks, and so on—that we use for critical documents.

Another way we protect our agreements is by keeping track of the piece of paper itself. With paper documents, much emphasis is placed on original documents, on filing documents in person, and on preventing unwanted access to important papers. We are also accustomed to trusting materials we receive in the mail, or by respectable courier services such as UPS or FedEx. Though documents received by post or courier are not above reproach, these services provide methods—such as return addresses, postmarks, and tracking numbers—to determine where they came from.

Electronic documents

Electronic documents offer many benefits over paper. Since they are not bound to a physical object, they can be sent across long distances almost instantly. They take up very little storage space, and can be archived efficiently and quickly. Because they are easily duplicated, they are not as vulnerable to loss and fire. However, the very intangibility that recommends e-documents can make some people uncomfortable with them.

The point of origin for electronic documents is often difficult to pin down. Since an e-document typically goes through a whole array of switches and routers while traveling from one location to another, there is always a possibility that it might be intercepted and altered between Point A and Point B.

Because of the uncertainties with e-documents—especially those that are transferred over the Internet—they are held to a much higher standard than their paper-based counterparts. Technologies such as firewalls, proxies, and secure sockets layer (SSL) add a degree of trust when dealing with e-documents. But the most powerful level of trust in digital documents is provided by digital signatures.

Digital signatures

Any discussion of what digital signatures are must first address what digital signatures are not. Digital signatures are not digitized signatures, which are computerized images of a person's handwritten signature. Digital signatures use sophisticated encryption algorithms to validate a person's identity and protect a document's content. Comparing digital signatures to wet signatures is like comparing concrete to cardboard. Only one of them is virtually bulletproof.

Digital signatures are powerful because they use asymmetric encryption, which requires two numeric passwords (or keys)—one to lock and one to unlock. With asymmetric encryption, one of the two keys will always be private and one key will always be public. This might seem counter-intuitive, since "security" is often considered synonymous with "secrecy." With digital signatures, though, the intent of the encryption is not to keep the document secret. Instead, it provides a way for anyone receiving a document to validate both the content and the identity of the signer.

Digital signatures rely on hash functions, algorithms that enable the mathematical fingerprinting of an electronic document. Any document of any length can be processed through a hash function to create a document fingerprint. Because of the calculations involved, even the addition of a space or deletion of a comma in a 50-page document would result in a very different document fingerprint.

Here is what happens when a person uses an encryption key to sign a digital document:

  1. The document is first processed through a hash function. This action results in a document fingerprint (also known as a message digest), which is unique to the document.
  2. The document fingerprint is encrypted using the signer's private key, resulting in a digital signature.
  3. The digital signature and the original document are combined into a single file: a signed digital document.

Once an electronic document is signed, it can be sent by e-mail, stored in an electronic archive, and otherwise handled like any other computer file. Before a signed digital document is accepted as legitimate, it must be validated:

  1. The signer's digital certificate is obtained, either from within the document itself or from an online public depository maintained by the issuing certificate authority. The certificate itself is validated to ensure that it is the appropriate type of certificate, that it has not expired, and that it hasn't been revoked.
  2. The signer's public key, which is contained in the digital certificate, is used to decrypt the digital signature. This unlocks the document fingerprint hidden inside.
  3. The hash function is again applied to the original document, resulting in a second document fingerprint.
  4. The two document fingerprints are compared. If they match, this proves that the document that was received is identical to the document that was originally signed.

Thus, there are three points by which a signed digital document could be invalidated:

  • If the signer's digital certificate turns out to be invalid
  • If the public key used to verify the document doesn't match the private key used to sign it
  • If the document or signature has been tampered with, and the document fingerprints don't match

If any of these three things occur, the entire document is considered suspect. If, somehow, the signer's private key is stolen or otherwise compromised, a forged signature may pass these tests without notice. This emphasizes the importance of keeping private keys safe.
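The fingerprinting, signing and validation steps above, worked through in Go with only the standard library. This is an added example, not code from Ingeo or from the Electronic Recording System: it assumes SHA-256 as the hash function and RSA PKCS#1 v1.5 as the signature scheme (the page names neither), stands in for the X.509 certificate with a minimal struct holding just the fields the validation steps consult (the CA's own signature over the certificate is not modelled), and the Gremlin sales agreement is a constructed sample. The main function runs the genuine case and then the three ways a signed document can be invalidated.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"time"
)

// Certificate is a deliberately minimal stand-in for an X.509 certificate
// (constructed for this example): only what step 1 of validation consults.
type Certificate struct {
	Holder    string
	PublicKey *rsa.PublicKey
	NotBefore time.Time
	NotAfter  time.Time
	Revoked   bool // in practice learned from the CA's revocation list
}

// SignedDocument is the result of signing step 3: the original bytes bundled
// with the signature over their fingerprint.
type SignedDocument struct {
	Document  []byte
	Signature []byte
}

// NewKeyPair generates the signer's private key; the public key is inside it.
func NewKeyPair() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// Fingerprint is the SHA-256 message digest of a document as hex. Changing a
// single character of the document yields an unrelated digest.
func Fingerprint(doc []byte) string {
	sum := sha256.Sum256(doc)
	return hex.EncodeToString(sum[:])
}

// Sign performs signing steps 1 and 2: hash the document, then sign the digest
// with the private key (RSA PKCS#1 v1.5, which matches the text's picture of
// "encrypting" the fingerprint with the private key).
func Sign(priv *rsa.PrivateKey, doc []byte) (SignedDocument, error) {
	digest := sha256.Sum256(doc)
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	if err != nil {
		return SignedDocument{}, err
	}
	return SignedDocument{Document: doc, Signature: sig}, nil
}

// The errors map onto the three invalidation points. The second and third
// (wrong public key; tampered document or signature) cannot be told apart:
// in both cases the fingerprint unlocked from the signature fails to match.
var (
	ErrCertInvalid      = errors.New("signer's certificate is not yet valid, expired, or revoked")
	ErrSignatureInvalid = errors.New("fingerprint mismatch: wrong key, or document/signature tampered with")
)

// Validate performs the four validation steps as of time now.
func Validate(cert Certificate, sd SignedDocument, now time.Time) error {
	// Step 1: check the certificate before trusting the public key inside it.
	if cert.Revoked || now.Before(cert.NotBefore) || now.After(cert.NotAfter) {
		return ErrCertInvalid
	}
	// Step 3: recompute the fingerprint of the document as received.
	digest := sha256.Sum256(sd.Document)
	// Steps 2 and 4: VerifyPKCS1v15 recovers the signed fingerprint with the
	// public key and compares it with the recomputed one.
	if err := rsa.VerifyPKCS1v15(cert.PublicKey, crypto.SHA256, digest[:], sd.Signature); err != nil {
		return ErrSignatureInvalid
	}
	return nil
}

func main() {
	priv, err := NewKeyPair()
	if err != nil {
		panic(err)
	}
	now := time.Now()
	cert := Certificate{Holder: "Dick", PublicKey: &priv.PublicKey,
		NotBefore: now.AddDate(0, 0, -1), NotAfter: now.AddDate(1, 0, 0)}
	doc := []byte("Dick sells his 1973 Gremlin to Jane for $47.") // constructed sample
	sd, _ := Sign(priv, doc)
	fmt.Println("fingerprint:", Fingerprint(doc))
	fmt.Println("genuine:", Validate(cert, sd, now))
	altered := SignedDocument{Document: []byte("Dick sells his 1973 Gremlin to Jane for $4,700."), Signature: sd.Signature}
	fmt.Println("altered document:", Validate(cert, altered, now))
	fmt.Println("after expiry:", Validate(cert, sd, now.AddDate(2, 0, 0)))
}
```

Note the last case in the text: if Dick's private key were stolen, the thief's signature over any document would pass Validate exactly as Dick's own would, because nothing in the procedure distinguishes the legitimate holder of a key from anyone else who has it; the only remedy is revocation, which is why step 1 comes first.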

By analogy, symmetric cryptography (single-password encryption) is like a child-proof cap on a prescription pill bottle. It protects its contents from unauthorized access, but is easy to get into once you know the trick. Asymmetric encryption, as used with digital signatures, is more like the protection on over-the-counter medicine: the shrink-wrapped outer layer, the plastic seal around the bottle, and the foil under the cap. None of these physical barriers keeps anyone out; they simply tell you if anyone has been in. If a digital document is invalidated, this is equivalent to buying a bottle of aspirin and finding that the plastic seal or inner foil has been removed. The tampering is evident, and the product should be discarded.

Digital certificates

A digital signature is created using a private key and validated using a public key. But where do these come from? Both keys are generated during the process of issuing a digital certificate.

The Ingeo Electronic Recording System—and most other applications that use digital signatures—requires a digital certificate that complies with the X.509 standard. The first version of this standard was defined in 1988 by the International Telecommunication Union (ITU). Currently in version 3, this standard determines the information that is included in a certificate and how it is formatted. A digital certificate usually contains the following information:

  • The name of the certificate holder
  • The holder's contact information, including e-mail address, street address, city, and state of residence
  • The holder's public key
  • The certificate's date of issue and date of expiration
  • A validating digital signature generated by the certificate authority

Though most digital certificates today conform to the X.509 standard, not all certificates are created equal. Most CAs offer a range of different certificates, tailored for specific applications. Different grades of certificates require different levels of identity authentication (similar to the different security levels for military or government service). Here are the most common types of certificates:

Personal certificate: The lowest grade of certificate, personal certificates do not require any identity authentication. These certificates can be used to send encrypted e-mail messages, but do not guarantee the identity of the person using them.

Business-grade certificate: These certificates are commonly used in business-to-business and business-to-government transactions, and are the standard for signing documents within the Ingeo Electronic Recording System. Business-grade certificates require in-person verification of an applicant's identity, generally with multiple forms of identification (driver's license, passport, social security card, and so on). Restrictions may be placed on these certificates to limit the types of transactions they can perform.

Notarial certificate: Notarial certificates are used to digitally notarize electronic documents, and are restricted to public notaries who have been approved to handle e-documents. For some kinds of documents, a notary public must witness the creation of a digital signature, and acknowledge the event by digitally notarizing the document. The notary's witness—a second digital signature—creates yet another layer of trust when the document and signature are validated. A notarial signature is required for notarizing documents within ePrepare, the tool for mortgage servicers and loan originators within the Ingeo Electronic Recording System. Issuance of a notarial certificate requires an active notary commission in addition to in-person authentication of identity.

Server certificate: This type of certificate is issued to a machine rather than a person. Server certificates are used to establish secure connections between servers and client computers with secure sockets layer (SSL) technology. The Ingeo Electronic Recording System—and any e-commerce system that handles credit card numbers and other sensitive information—requires a server certificate to protect transmitted data.

The process of acquiring a digital certificate—and generating the related public and private keys—requires some important decisions. Consider Sara, who works for a title company and wants to be able to digitally sign electronic real estate documents. Sara needs to do a little research to find a CA that offers a certificate that meets her needs. Once she has chosen a CA, she's ready to apply.

  1. Before a certificate can be issued, Sara must prove her identity to the CA's satisfaction. Sara will need to make an appearance in the CA's offices, with her personal identification in hand. Alternatively, she may be asked to present identification to a separate company called a registration authority (RA). RAs act as agents for CAs, checking applicants' credentials and then making a recommendation about whether to issue a certificate.
  2. Now Sara is ready to generate her public and private keys. Her CA will direct her to a web page that will facilitate the process. Though the keys are created within a web browser, the actual key generation is done on Sara's own computer by software built into her browser program. None of the private key information ever goes out on the Internet, and no remote server is involved. The private key is encrypted and stored on Sara's hard drive (or on an external device such as a smart card, USB token, or floppy disk), and the public key is held in memory for the next step.
  3. Sara now fills out a certificate request, supplying her personal and professional information. When she instructs the browser to send her request to the CA, her browser inserts the public key into the request form and forwards this information to the certificate authority.
  4. Once the CA receives Sara's request, it has everything it needs to issue the certificate. If Sara's credentials check out, and the certificate request is complete and formatted correctly, the CA issues the certificate.

Note that Sara never reveals her private key to the CA—or to anyone else. The security of the whole system depends on both the secret nature of private keys and the accessible nature of public keys.
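Sara's application, and the certificate contents listed earlier in this section, worked through with Go's standard crypto/x509 package. This is an added example, not Ingeo's or any CA's software: the CA name, Sara's organization and e-mail address, and the serial numbers are constructed values; ECDSA P-256 is an assumed key type; the in-person identity check of step 1 and revocation checking happen outside the code. Each function is one party's side of the exchange, and Sara's private key is created inside MakeRequest and never handed to the CA.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// NewCA creates a self-signed certificate authority certificate and its signing
// key. Constructed for this example: a real CA keeps its root key in protected
// hardware, not in an ordinary process.
func NewCA(name string, now time.Time) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             now,
		NotAfter:              now.AddDate(10, 0, 0),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// MakeRequest is the applicant's side (steps 2 and 3): the key pair is generated
// locally, and only the public key plus identity details go into the DER-encoded
// certificate request. The returned private key stays with the caller.
func MakeRequest(commonName, organization, email string) (*ecdsa.PrivateKey, []byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.CertificateRequest{
		Subject:        pkix.Name{CommonName: commonName, Organization: []string{organization}},
		EmailAddresses: []string{email},
	}
	csr, err := x509.CreateCertificateRequest(rand.Reader, tmpl, key)
	return key, csr, err
}

// IssueCertificate is the CA's side (step 4): confirm the request is well formed
// and self-signed by the applicant's key (proof the applicant holds the private
// key), then issue a one-year signing certificate containing the public key,
// validity dates, holder's name and e-mail, and the CA's signature over it all.
func IssueCertificate(caCert *x509.Certificate, caKey *ecdsa.PrivateKey, csrDER []byte, serial int64, now time.Time) (*x509.Certificate, error) {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil {
		return nil, err
	}
	if err := csr.CheckSignature(); err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:   big.NewInt(serial),
		Subject:        csr.Subject,
		EmailAddresses: csr.EmailAddresses,
		NotBefore:      now,
		NotAfter:       now.AddDate(1, 0, 0),
		KeyUsage:       x509.KeyUsageDigitalSignature,
		ExtKeyUsage:    []x509.ExtKeyUsage{x509.ExtKeyUsageEmailProtection},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, caCert, csr.PublicKey, caKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// ValidateCertificate is the relying party's check before trusting the public key
// in a certificate: the CA signature must chain to a trusted root and the validity
// period must cover time now. Revocation (CRL or OCSP) is not shown here.
func ValidateCertificate(cert, trustedCA *x509.Certificate, now time.Time) error {
	roots := x509.NewCertPool()
	roots.AddCert(trustedCA)
	_, err := cert.Verify(x509.VerifyOptions{
		Roots:       roots,
		CurrentTime: now,
		KeyUsages:   []x509.ExtKeyUsage{x509.ExtKeyUsageEmailProtection},
	})
	return err
}

func main() {
	now := time.Now()
	caCert, caKey, err := NewCA("Example CA (constructed)", now)
	if err != nil {
		panic(err)
	}
	_, csr, err := MakeRequest("Sara", "Example Title Company (constructed)", "sara@example.com")
	if err != nil {
		panic(err)
	}
	cert, err := IssueCertificate(caCert, caKey, csr, 2, now)
	if err != nil {
		panic(err)
	}
	fmt.Printf("issued to %q by %q, expires %s\n", cert.Subject.CommonName, cert.Issuer.CommonName, cert.NotAfter.Format("2006-01-02"))
	fmt.Println("valid today:", ValidateCertificate(cert, caCert, now))
}
```

The KeyUsages option in ValidateCertificate matters in practice: Go's Verify defaults to checking for a TLS server certificate, so a signing certificate like Sara's would be rejected as "incompatible key usage" unless the relying party states which kind of certificate it expects, which is the code-level counterpart of the text's advice to confirm that a certificate is "the appropriate type."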

Public Key Infrastructure

The technical side of certificates and signatures—the standards that have been established, and the mathematics involved with keys, hashes, and encryption—is just part of the picture. Technology provides the tools, while Public Key Infrastructure (PKI) provides the trust. PKI is a cooperative framework of companies, laws, and technical standards that fosters trust in the day-to-day use of digital signatures. The infrastructure involves anyone connected with:

  • Issuing and administering digital certificates
  • Verifying and vouching for the identity of certificate applicants
  • Linking key information to digital certificates
  • Ensuring the security of keys and encryption technologies
  • Promoting and supporting the infrastructure

Building on legislation that promotes electronic documents for business and government use, PKI continues to refine its core technologies and procedures. Most importantly, the industry provides guidelines for its most important business type: the certificate authority.

Choosing a certificate authority

The primary job of a certificate authority is to issue and maintain digital certificates. But there are many related tasks that are just as important. CAs must verify the identity of their customers before issuing certificates, and must also protect confidential subscriber information. Issuing a certificate is just the beginning. Certificates must be updated, renewed, published, disabled, suspended, and revoked. Careful records must be kept to ensure that trust is not misplaced by relying on invalid certificates.

Many different considerations factor into selecting a CA.

Practical needs: If you are acquiring a digital certificate for a specific purpose, make sure that the certificate you purchase fills that need. Be certain that the certificate is the correct grade, and that it conforms to the X.509 (version 3) standard. If you will be using the certificate with Ingeo's Electronic Recording System, it's a good idea to check with Ingeo to see whether the specific certificate type has been tested and deemed fully compatible with the system.

Accreditation: Two important pieces of legislation, the Uniform Electronic Transactions Act (UETA) and the Electronic Signatures in Global and National Commerce Act (E-SIGN), have recently been enacted to sanction the use of digital signatures and electronic documents by both government and private organizations. In spite of this, state laws regarding digital certificates and certificate authorities are somewhat less than uniform. A state may require that CAs be accredited to issue certificates in that state. Some states mandate that a CA comply with a specific set of procedures and responsibilities. We recommend that you consult with your institution's attorney and your state's electronic commerce department to find out what your state requires.

Policies and procedures: To create the trust required for digital signatures, CAs must carefully follow very specific operational rules. These procedures are documented in their Certification Practice Statement (CPS), a document that should be available for public review. Pay special attention to the CA's policies on security, key management (issuing, authenticating, revoking, and publishing digital certificates), confidentiality, fees, liability, and independent auditing practices. Ask the CA about recent outside audits, and request the auditors' reports.

Management services: Before selecting a CA, make sure that you understand the company's policies for issuing, revoking, reissuing, disabling, reactivating, and archiving digital certificate information. Make sure that the CA uses a management system that will maintain its integrity over time, one that will be able to handle changes in employees or business status (such as mergers and acquisitions).

Remember that you are a consumer, and the CA is providing a service. Demand the same standards that you would require from any service organization. Make sure that the CA acts and reacts efficiently to provide fast, professional, dependable service.

TrustID

A new digital certificate standard, TrustID, was recently adopted by both the Mortgage Bankers Association of America (MBAA) and the American Bankers Association (ABA) as the gold standard for digital certificates within the mortgage banking industry. Making sure that the certificate you select complies with the TrustID standard will give you additional peace of mind as you make this important choice.

Ingeo's recommendations

When it comes down to it, the choices involved in obtaining a digital certificate and selecting a certificate authority are entirely yours. However, the process of selecting a CA can be a daunting one. Ingeo is happy to help you with this task, and this document should help you begin. In addition, your Ingeo representative can make recommendations about specific companies that have provided good service to other clients. But don't just take our word for it. Talk to others in your industry, on both the state and national levels, to help you choose wisely.

With a little investigation, and with outside help if necessary, you should be able to pick a certificate authority that offers a grade of digital certificate that meets your needs. In the end, you should be equipped with the digital identification—and electronic keys—required to do business with digital documents.

NOTES

  1. Institute for Telecommunication Sciences, Technical Subcommittee on Performance and Signal Processing. [2000]. Telecom Glossary 2000. 20 July 2001. http://www.its.bldrdoc.gov/projects/t1glossary2000/_nonrepudiation.html
