Special Files Used In The File Authentication Process - VeriFone V200c Reference Manual

V200c Reference Guide
File Authentication: Introduction to File Authentication

Special Files Used in the File Authentication Process

The following specially formatted files support the FA process:

A digital certificate (*.crt file) is a digital public document used to verify the
signature of a file.

A digital signature (*.p7s file) is a piece of information based on both the file
and the signer's private cryptographic key. The file sender digitally signs the
file using a private key. The file receiver uses a digital certificate to verify the
sender's digital signature.

Signer private keys are securely conveyed to clients on smart cards. On
V200c, private keys are not kept in files. The secret passwords required by
clients to generate signature files, using signer private keys, are sent as PINs
over a separate channel such as registered mail or encrypted e-mail.

Digital certificates and signature files do not need to be kept secure to safeguard
the overall security of VeriShield.

The special file types that support the file authentication process are recognized
by their filename extensions.

Table 5    VeriShield File Signing Tool Filename Extensions

File Type              Extension
Signature              *.p7s
Digital certificate    *.crt

All digital certificates are generated and managed by the Verifone CA, and are
distributed on request to terminal clients—either internally within Verifone or
externally to sponsors.

All certificates issued by the Verifone CA for the terminal platform, and for any
Verifone platform with the VeriShield security architecture, are hierarchically
related. That is, a lower-level certificate can only be authenticated under the
authority of a higher-level certificate.

The security of the highest-level certificate, called the platform root certificate, is
tightly controlled by Verifone.

The required cryptographically related private keys that support the file
authentication process are also generated and distributed by the Verifone CA.

Certificates Contain Keys That Authenticate Signature Files

Sponsor certificate: Certifies a client's sponsorship of the terminal. It does not,
however, convey the right to sign and authenticate files. To add flexibility to the
business relationships that are logically secured under the file authentication
process, a second type of certificate is usually required to sign files.
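
The detached-signature check and the certificate hierarchy described above, sketched with stock OpenSSL as an added example (not Verifone's code and not the VeriShield File Signing Tool). It assumes the *.p7s file is a detached PKCS#7 signature, as that extension conventionally denotes; the fa_setup and fa_verify helpers, the two-level demo hierarchy and every file name are constructed for illustration.

```shell
#!/bin/sh
# Added illustration with stock OpenSSL, not the VeriShield File Signing Tool.
# All names, keys and file contents are constructed for this demo.

# Create a throwaway hierarchy in directory $1 and sign app.bin (runs in a subshell).
fa_setup() (
  cd "$1" || exit 1
  cat > pki.cnf <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = unused
[v3_ca]
basicConstraints = critical,CA:TRUE
[v3_leaf]
basicConstraints = critical,CA:FALSE
EOF
  for ca in root other; do  # "other" is an unrelated root for the negative case
    openssl req -x509 -newkey rsa:2048 -nodes -config pki.cnf -extensions v3_ca \
      -subj "/CN=Demo $ca CA" -keyout "$ca.key" -out "$ca.crt" -days 2 \
      2>/dev/null || exit 1
  done
  openssl req -new -newkey rsa:2048 -nodes -config pki.cnf \
    -subj "/CN=Demo signer" -keyout signer.key -out signer.csr 2>/dev/null || exit 1
  openssl x509 -req -in signer.csr -CA root.crt -CAkey root.key -CAcreateserial \
    -extfile pki.cnf -extensions v3_leaf -days 2 -out signer.crt 2>/dev/null || exit 1
  printf 'constructed application image\n' > app.bin
  # Detached DER signature. -nocerts leaves the certificate out of the .p7s,
  # so it has to be supplied separately as a .crt file.
  openssl smime -sign -binary -nocerts -in app.bin -signer signer.crt \
    -inkey signer.key -outform DER -out app.bin.p7s 2>/dev/null
)

# fa_verify FILE SIG SIGNER_CRT ROOT_CRT
# Status 0 only if SIG matches FILE and SIGNER_CRT chains up to ROOT_CRT.
fa_verify() {
  openssl smime -verify -binary -inform DER -in "$2" -content "$1" \
    -certfile "$3" -CAfile "$4" -out /dev/null 2>/dev/null
}

d=$(mktemp -d) && fa_setup "$d" && cd "$d" || exit 1
fa_verify app.bin app.bin.p7s signer.crt root.crt  && echo "signed file: authenticated"
fa_verify app.bin app.bin.p7s signer.crt other.crt || echo "unrelated root: rejected"
echo tamper >> app.bin
fa_verify app.bin app.bin.p7s signer.crt root.crt  || echo "modified file: rejected"
```

Verification uses only public material (the file, the signature and the certificates), which is why certificates and signature files need no confidentiality protection while the signer private key does.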
