A digital signature is an electronic, encryption-based, secure stamp of authentication on a message. This signature confirms that the message originated from the signer and has not been altered.
In order to fully trust the signature, the certificate used to sign the message must be vouched for. The vouching process adds an extra level of trust to the signature on the message. In some cases, the certificate is automatically vouched for by the company it’s purchased from. In other instances, the certificate must be vouched for by people who already hold confirmed certificates. Trust is transferred from one person to the next.
A digital signature for email allows you to prove to the recipient of your email that you were, in fact, the person that sent the email and encrypt the email for added security.
Encrypting a message ensures privacy by converting an email from plain, readable text into cipher (scrambled) text. Only the recipient, who has a private key to match the public key used to encrypt the message, can decipher it. This is a separate process from digitally signing a message.
Certificates are digital means of proving your identity, using a public and private key pair. The private key is kept on a computer that the sender will use to digitally sign messages to recipients, and decrypt (unlock) messages from recipients. Private keys should be password protected. The public key is sent to others or published in a directory, so that others can use it to send you encrypted messages.
If you’re a researcher at UB working with Department of Defense (DOD) grants, you may be required to obtain a certificate in order to process your grant. The process of obtaining this certficate (known as an “ECA”) is complex.
You may obtain a certificate from the DOD approved vendor, IdenTrust, by following their step-by-step instructions.