Using Certificates in Windows 10

Introduction

Trust is one of the most important things that can be established between two parties. It is a process where both parties suspend their disbelief of the other’s potential for betrayal and proceed toward a common goal of some sort. This extends to the world of computers, where certificates have been used for years to establish trust between, in this case, users and computers. 

This article will detail using certificates in the context of Windows 10. It will shed some light on what certificates do in Windows 10 and will explore how to manage them in Windows 10. For those in IT, certificates in Windows 10 are a vital aspect of information security and understanding them may be the determining factor in supporting an organization’s end users.

A little about certificates

Certificates prove that websites are genuine and users are legitimate, and can provide a level of encryption to online communications via Secure Socket Layer (SSL) technology. Root certificate authority (CA) issues what are called root certificates, which are the top level of the chain of trust. A trusted root certificate is issued by a trusted root certificate authority.

Certificates use public key infrastructure (PKI), where there is a private key/public key pair. A common certificate cycle, known as asymmetric cryptography, is as follows: a certificate is signed by a CA using a private key which is stored with the user. The public key is embedded in a browser which sends encrypted messages to the user that contains a symmetric key. This key is used by the browser to encrypt communication between the user and the browser for the respective session. Public keys can also be used to verify distributed organization software.

Certificates have a limited lifespan — normally one to two years maximum. When certificates are revoked, (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Greg Belding. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/14MwtX98WDY/