Because business is built on trustTM
Skip navigation links

Q. Who is Post.Trust?

Post.Trust is a wholly owned subsidiary of An Post, specialising in Public Key Infrastructure (PKI) enabled security solutions.

Top of the page

Q.What is Public Key Infrastructure (PKI)?

Public-key infrastructure (PKI) is the combination of software, encryption technologies, and services that enables enterprises to protect the security of their communications and business transactions on the Internet. PKIs integrate digital certificates, public-key cryptography, and certificate authorities into a total, enterprise-wide network security architecture.

Top of the page

Q. What is a digital certificate?

A digital certificate is a unique numeric string that identifies you while communicating or transacting online. It contains your name, a serial number, expiration dates, a copy of the certificate holder's public key and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is authentic. Some digital certificates conform to a standard, X.509. Digital certificates can be kept in registries so that authenticating users can look up other users' public keys.

Top of the page

Q. What is a Qualified Certificate?

The term Qualified Certificate is used to describe a digital certificate with a certain qualified status within applicable governing law, i.e. digital certificates which meet the requirements laid down in Annex I of the EU Directive 1999/93/EC and is provided by a certification-service-provider who fulfils the requirements laid down in Annex II of the EU Directive 1999/93/EC. Within this standard the term "Qualified Certificate" is used more generally to describe the format for a certificate whose primary purpose is identifying a person with high level of assurance in public non-repudiation services.

Top of the page

Q. What is an Advanced Electronic signature (AES)?

An advanced electronic signature is defined in the Irish eCommerce Act 2000 as an electronic signature which meets the following criteria:

(a) it is uniquely linked to the signatory;

(b) it is capable of identifying the signatory;

(c) it is created using means that the signatory can maintain under his sole control; and

(d) it is linked to the data to which it relates in such a manner that any subsequent change of the data is detectable

Top of the page

Q. What is the legal effect of the eCommerce Act 2000?

The eCommerce Act 2000 provides for the legal recognition of electronic signatures, electronic writing and electronic contracts so as to ensure that electronic communications are not treated any differently under the law, than traditional paper-based communications.

Top of the page

Q. What is a Certification Service Provider (CSP)?

Also known as a Certification Authority (CA). A CSP is an organisation responsible for the issuing, renewing, suspending or revoking of digital certificates. It also decides on the procedures followed in verifying an identity and/or a person's relationship to that organisation. The CSP authorises the signing of certificates and works through Registration Authorities to approve these requests.

Top of the page

Q. What can I do with a digital certificate?

Digital certificates allow you to verify your identity to another party in an online transaction. When used with encryption, they also allow you to encrypt information that you send to another person so as to provide additional assurance that only the intended party can access the information and that the information will not be compromised en route. Digital certificates facilitate these security measures, which in turn allow web applications to control access to secure web sites or to encrypt messages or files in transit over insecure networks.

Top of the page

Q. How do Digital Certificates work?

The digital certificate attaches a unique public key to the identity of the certificate holder.

The public key is one half of a uniquely matched key pair. The other key being a private key. While the public key is made available to the public, the private key is kept confidential. Each key can encrypt and decrypt data. Information encrypted by one key can only be decrypted by its counterpart in the key pair.

Therefore, in order to ensure that only the intended recipient has access to the transmitted message, the sender encrypts the message using the recipient's public key. The recipient then decrypts the message using the matched recipient private key.

Similarly, in order to ensure that the message originated from the claimed sender, the sender signs the message by encrypting it with their private key. The recipient verifies the identity of the sender by decrypting the message with the sender's public key.

Top of the page

Q. Why do I need a Digital Certificate?

To control acess to secure web sites, to encrpyt messages or files, to verifiy the identiy of an individual or to legally bind the request to a person or entity.

More and more companies doing business on the Internet are awakening to this reality and realising the need for digital certificates for their customers.

The presence of a digital certificate from a trusted organisation attests to the integrity of a business, thus providing online consumers with assurance that they are dealing with a legitimate business.

Top of the page

Q. What are digital signatures?

A digital signature is an electronic signature which can be used in numerous types of electronic information transfer activities.

Digital signatures are based on mathematical theory and the use of algorithms. They require that the holder of the signature has a two key system for signing and verification (one private and the other public). The important component in this picture is in having a verifiable, trustworthy entity to create and distribute signatures. These entities are called "Certification Service Provider" or "Certification Authorities".

Digital signature technology opens up a whole new range of possibilities for organisations to change the way they do business transactions electronically. The ability to transmit electronic messages carrying legal binding signatures allows businesses to conduct transactions and to enter into binding contracts entirely by electronic means.

Top of the page

Q. What is cryptography?

It is the process of transforming information you can read into information someone cannot read. In this way, information is coded (encryption) to stop it from being read or altered by anyone but the intended recipient. It may be intercepted, but it will not be intelligible to someone without the ability to decode (decryption) the message.

Encryption and decryption are required to convert information between readable and encoded formats.

Top of the page

Q. What is a Key?

It is a sequence of characters used to encode and decode a file. The key is used to encrypt and/or decrypt a message.

Top of the page

Q. What kind of keys are used in digital signatures?

Digital signatures use public key cryptography. Where two keys are used to both encrypt and decrypt a message. A digital signature is created using the person's "private" key. The recipient then checks this signature using that person's "public" key.

Top of the page

Q.What is public key cryptography?

This is a system whereby two people who wish to electronically send data can do so in a manner that ensures both privacy (through the data encipherment) and authentication (through digitally signing) of that data.

Quite simply it involves two keys, a public and private key, which when generated are the mutual inverse of each. As the idea suggests, an action carried out by one of the keys e.g. a message that is encrypted by a public key, can only be decrypted by the corresponding private key of that key pair.

For obvious reasons the private key of the key pair is retained by it's owner and should never be available to any other individual. The public key however, as the name suggests is made available to the general public with some additional details including the owners' details. The public key in this format is known as a " digital certificate".

Top of the page

Q. What is the Domain Name System?

The domain name system (DNS) is the way that Internet domain names are located and translated into Internet protocol addresses, which are numbers and more difficult to remember. An Internet protocol address uniquely identifies each individual computer on the Internet. A domain name is a meaningful and easy-to-remember an Internet address.

Because maintaining a central list of domain name/IP address correspondences would be impractical, the lists of domain names and IP addresses are distributed throughout the Internet in a hierarchy of authority. There is probably a DNS server within close geographic proximity to your access provider that maps the domain names in your Internet requests or forwards them to other servers in the Internet.

The IE domain is the top-level Internet domain for Ireland. It is administered by the IE Domain Registry in University College Dublin Computing Services, as a public service. The IE Domain Registry is a member of CENTR, the Council of European National Top-Level Domain Registries.

Top of the page

Contact Us
Post.Trust Ltd., GPO, O'Connell Street, Dublin 1, Ireland
View Map

T: 1890 617 171 (Lo Call)
T: +353 (0) 1 705 8640

Home | Privacy Policy | Cookies | Site Map