Specifications
6-16
Miscellaneous
in a trusted communication and compare this with the certificate deliv-
ered with signed files.
To validate a certificate chain the complete certificate chain has to be
available to you. Nevertheless, although you need the certificate chain
to verify the origin of a leaf certificate, only its root certificate has to be
verified via a secure communication because the chain leads to it (see
also section “What’s a Certificate Chain” on page 6-13).
6.5.8 The Keys and Certificates Delivered with CLIPSTER
In the delivery of the CLIPSTER DCI Mastering feature you can find on
the enclosed CD-ROM the following keys and certificates:
File: *.cer
Path: DVS\CLIPSTER\Key Store\
Explanation: Public key for the self KDM of the CLIPSTER DCI Mas-
tering station.
File: DvsClipsterDCIRoot.cer
DvsClipsterDCIDvsAG.cer
Path: DVS\CLIPSTER\Certificate Store\DVS\
DVS\CLIPSTER\Certificate Store\DVS\
Explanation: The certificate chain of the public key for the self KDM
(intermediate and root) for verification.
Use the following files for testing purposes only. They should
not be used to create a DCP for distribution. For this you
should use your own Signing Keys (see section “Signing Key”
on page 6-8).
File: TestSigningCertificateLeaf.pfx
Path: DVS\CLIPSTER\Signature Store\DVS Test\
Explanation: For testing only: Private Signing Key for testing. With
it you can sign the extra files of a DCP. Contains the
complete chain of test certificates.
Password: DVS