Manualshelf

HP Printers - Certificate-based authentication for data security (whitepaper)

ManualsBrandsHP ManualsPrint & ScanCE525A
12345678
8
Summary
Obviously, this analogy leaves out a lot of detail. But, the essentials are all there. The biggest difference
between digital and paper certificates is in how quickly they can be verified. Digital certificates are verified
literally billions of times per day, every day. Paper certificates take so much time and effort to verify that
they only get examined when there’s a problem. The bank only verifies the signature on a check when you
complain about a possible forgery.
Important points to remember
1. The CA certificate is the “signature card” for digital certificates. You get one so that you can make
sure a signature is genuine. They are available anywhere certificates are being signed.
2. You can’t verify a check from John Doe with a signature card from Joe Smith. So, don’t expect that
any old CA certificate can be used to validate a new ID certificate. It must be the exact same CA
certificate that originally signed the ID certificate.
3. Y
ou can’t validate a certificate without a CA certificate. We call this “Fake Security” and it’s not
uncommon among MFPs and printers from other manufacturers.
4
. There is no security issue with sharing CA certificates or ID certificates freely. This is how it all
works. No sharing, no security. Just make sure you share only the public key and keep the privat
e
k
ey to yourself.
This document is a simplified explanation designed to help foster better understanding of the process.
Ultimately, certificate authentication is a complex topic and there are many variances (like multi-tier
Certificate Authorities) which are not mentioned in this document.
More Information
For more information about managing data security in the HP EWS, go to the following support document:
https://support.hp.com/us-en/document/c05389308
To read more about this issue, go to: hp.com/support
© Copyrigh
t 2018 HP Inc. The information contained herein is subject to change without notice. The only warranties for HP products and services
are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed
as constituting an
additional warranty. HP shall not be liable for technical or editorial
errors or omissions contained herein.
DocID
: c06143896, Created: October 2018