User's Manual

Avaya Branch Gateway Manager 10.0 Page 68
15-601011 Issue 29r (Friday, November 02, 2012)
B5800 Branch Gateway
5. Identity
The identity of the equipment or person at each end of the link is established by the use of digital certificates, more
specifically X.509 v3 certificates. Digital certificates are the preferred mechanism for the majority of internet-based
applications including e-commerce and email, and can be thought of as a credential, just like a passport or driver's
license.
A digital certificate contains at least three things:
· A public key.
· Certificate information (Identity information about the user, such as name, user ID, and so on.)
· One or more digital signatures.
The purpose of the digital signature on a certificate is to state that the certificate information has been verified by
some other person or entity. The digital signature does not verify the authenticity of the certificate as a whole; it vouches
only that the signed identity information goes along with, or is bound to, the public key. A certificate is essentially a
public key with one or two forms of ID attached, plus a stamp of approval from some other ‘trusted individual’.
Trusted individuals (also termed Certificate Authorities) themselves have publicly available certificates, which can contain
signatures from their own trusted authorities. These signatures can be verified all the way up to a ‘self-signed’ root certificate from a root
certificate authority.
Examples of root certificate authorities’ certificates can be found in every web browser’s certificate store.
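
The chain of signatures described above, built and checked with the OpenSSL command line. This is an added example, not part of the Avaya manual: the certificate names, file names and function names are constructed for illustration, and only the throwaway root is trusted during verification.

```shell
#!/bin/sh
# Constructed demo: throwaway root CA -> intermediate CA -> device certificate.
# All names, keys and files are generated here for illustration (assumptions).
build_chain() {   # build_chain DIR: create the three certificates in DIR
    d=$1
    cat > "$d/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[ca]
basicConstraints = critical,CA:TRUE
EOF
    # Root: signs itself, so issuer and subject are the same name.
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$d/ca.cnf" \
        -extensions ca -subj "/CN=Demo Root CA" \
        -keyout "$d/root.key" -out "$d/root.pem" 2>/dev/null || return 1
    # Intermediate CA: its name and public key are signed by the root.
    openssl req -new -newkey rsa:2048 -nodes -config "$d/ca.cnf" \
        -subj "/CN=Demo Intermediate CA" \
        -keyout "$d/int.key" -out "$d/int.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$d/int.csr" -CA "$d/root.pem" -CAkey "$d/root.key" \
        -set_serial 2 -days 1 -extfile "$d/ca.cnf" -extensions ca \
        -out "$d/int.pem" 2>/dev/null || return 1
    # Device certificate: signed by the intermediate, not by the root.
    openssl req -new -newkey rsa:2048 -nodes -config "$d/ca.cnf" \
        -subj "/CN=gateway.example.test" \
        -keyout "$d/leaf.key" -out "$d/leaf.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$d/leaf.csr" -CA "$d/int.pem" -CAkey "$d/int.key" \
        -set_serial 3 -days 1 -out "$d/leaf.pem" 2>/dev/null || return 1
}
# issuer_is_subject CERT: true when the issuer and subject names are identical,
# as in a root certificate (the signature itself is checked by openssl verify).
issuer_is_subject() {
    [ "$(openssl x509 -in "$1" -noout -subject_hash)" = \
      "$(openssl x509 -in "$1" -noout -issuer_hash)" ]
}
# verify_leaf DIR [INTERMEDIATE]: trust only DIR/root.pem and try to walk the
# signatures from the device certificate up to it.
verify_leaf() {
    openssl verify -CAfile "$1/root.pem" ${2:+-untrusted "$2"} "$1/leaf.pem" >/dev/null 2>&1
}
demo=$(mktemp -d) && build_chain "$demo" &&
    verify_leaf "$demo" "$demo/int.pem" && echo "chain verifies up to the root"
verify_leaf "$demo" || echo "without the intermediate the chain cannot be built"
rm -rf "$demo"
```

The second check fails because the verifier has no certificate linking the device certificate's issuer to the trusted root, so every intermediate must be supplied alongside the device certificate.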