58 Copyright © 2004 Nokia
CERTIFICATES
There are three kinds of certificates:
Server certificates—Used by the phone to create a connection with improved
security to the content server. The phone receives the server certificate from the
service provider before the connection is established, and its validity is checked
using the authority certificates saved in the phone. Server certificates are not saved.
The security indicator is displayed during a connection if the data
transmission between the phone and the content server is encrypted.
The security icon does not indicate that the data transmission between the
gateway and the content server (or place where the requested resource is
stored) is secure. The service provider secures the data transmission between the
gateway and the content server.
Authority certificates—Used by some services, such as banking services, for
checking the validity of other certificates. Authority certificates can either be
saved in the security module by the service provider, or they can be downloaded
from the network if the service supports the use of authority certificates.
User certificates—Issued to users by a certifying authority. User certificates are
required (for example, to create a digital signature). They associate the user
with a specific private key in a security module.
Important: Even if the use of certificates makes the risks involved in
remote connections and software installation considerably smaller, they
must be used correctly in order to benefit from increased security. The
existence of a certificate does not offer any protection by itself; the
certificate manager must contain correct, authentic, or trusted certificates
for increased security to be available. Certificates have a restricted
lifetime. If Expired certificate or Certificate not valid yet are shown,
even if the certificate should be valid, verify that the current date and
time in your device are correct.
Before changing any certificate settings, you must make sure that you trust the
owner of the certificate and that the certificate belongs to the listed owner.
DIGITAL SIGNATURE
You can make digital signatures with your phone if your SIM card has a security
module. The signature can be traced back to you by the private key on the security
module and the user certificate that was used to perform the signature. To use
the digital signature, can be the same as signing your name to a paper bill,
contract, or other document. See also “Security module” on page 57.
To make a digital signature, select a link on a page, such as the title of the book
that you want to buy and its price. The text to sign (possibly including amount,
date, etc.) will be shown.
Check that the header text is Read and that the digital signature icon
is shown.
3220.ENESv2_BIL_9236733.book Page 58 Thursday, November 18, 2004 10:07 AM