IDScript

Basic

1. What is a Digital Certificate?

Answer: A Digital Certificate is an electronic credential that vouches for the holder's identity and has characteristics similar to those of a passport:

It has identifying information

Is forgery-proof and

Is issued by a trusted third party

An IDscript Juricert™ Authenticated TrustMint™ Professional Certificate contains:

The user's distinguished name (a unique identifier)

The issuing Certification Authority's distinguished name

The user's public key, a validity period, and the certificate's serial number

The issuing Certification Authority's digital signature and verifying information in the digital certificate

Juricert Authentication

2. What are the features and benefits of an IDscript Juricert™ Authenticated TrustMint™ Professional Certificate?

Answer: An IDscript Juricert™ Authenticated TrustMint™ Professional Certificate has numerous features and benefits

Protects privacy

Assures the integrity of electronic communications

Verifies the identity of the parties

Ensures non-repudiation

Ensures the certificate holder is a member in good standing with their Law Society

Only an IDscript Juricert™ Authenticated TrustMint™ Professional Certificate does this.

3. Who can purchase an IDscript Juricert™ Authenticated TrustMint™ Professional Certificate?

Answer: There are only certain select individuals that can purchase an IDscript Juricert™ Authenticated TrustMint™ Professional Certificate. These are lawyers, notaries, associates and select clients.

4. How does the process work?

Answer: A lawyer who is a member in good standing with their respective Canadian Law Society can purchase an IDscript Juricert™ Authenticated TrustMint™ Professional Certificate. Interested lawyers can sign up here. Once the completed application is received, Juricert authenticates professional status. IDscript issues the certificate only after the authentication process is complete. Average turnaround time is 24-48 hours.

If the member lawyer would like an IDscript Juricert™ Authenticated TrustMint™ Professional Certificate for an associate or client, the member lawyer must vouch for the identity of the party.

5. Are there less expensive options?

Answer: Cheaper is not always better. There are less expensive and more expensive options available. Less expensive digital certificates only need a valid email address to be issued, and therefore lack the identification security that today's legal professional needs.

Only an IDscript Juricert™ Authenticated TrustMint™ Professional Certificate tells clients and other legal professionals that the holder is a member in good standing with their respective Professional Society. The Juricert Authentication is the standard for lawyers in Canada.

6. Where can I purchase my IDscript Juricert™ Authenticated TrustMint™ Professional Certificate?

Answer: You can purchase your IDscript Juricert™ Authenticated TrustMint™ Professional Certificate here. To find out more about Juricert visit their web site at www.juricert.com.

Technical

1. Is my IDscript Professional Certificate installed correctly?

Answer: Your IDscript Professional Certificate will be installed into your Web browser. Browser manufacturers store the certificate differently. Each browser has built-in functionality to store and display certificates. Below are instructions for the two most popular browsers-Netscape Navigator and Microsoft Internet Explorer.

NETSCAPE NAVIGATOR

How to tell if your IDscript Professional Certificate is properly installed into Netscape Navigator:

a. Click the button with the lock icon in the toolbar to open the security properties page.
b. Click Yours under Certificates.
c. Click the certificate you wish to verify.
d. Click the View button to display your certificate.
e. Verify that the information displayed is correct.

NOTE: You may need to scroll the display screen or resize column displays to see all the information displayed. Netscape displays the list of certificates using the nickname that you chose when you installed the certificate. If you did not choose a nickname for your IDscript Professional Certificate, it will show as a blank line within Navigator. If a blank white box is displayed, you may select it by clicking on the blank line and then clicking the View button. Because Netscape does not allow certificate information to be changed, there is no way to give your certificate a new nickname.

INTERNET EXPLORER

How to tell if your IDscript Professional Certificate is properly installed into Internet Explorer:

a. For Internet Explorer version 4, choose View then Internet Options from the menu, OR
b. For Internet Explorer version 5, choose Tools then Internet Options from the menu.
c. Click the Content tab.
d. Click the Certificates button.
e. Click on your IDscript Professional Certificate to highlight it.
f. Click the View button.
g. Click the Details tab.
h. Verify that the information displayed is correct.

2. What is a Certificate Revocation List (CRL)?

Answer: A CRL is a list of non-expired certificates that have been revoked by the issuing Certification Authority. CRLs are stored in a publicly accessible database repository. A certificate may be revoked for several reasons-the user's private key has been compromised, the identity of the individual has been compromised, the purpose of the certificate has been terminated (e.g., an employee quits), and so forth.

3. What do I do if I forget my password?

Answer: If you forget your password that protects your certificate, you will be unable to access the private key for your certificate. For security reasons, no one, including IDscript, will be able to bypass your password to obtain your certificate. You may ask IDscript to revoke your certificate and issue a new certificate.

4. Should I save a copy of my digital certificate?

Answer: Yes, you should keep a backup copy of your digital certificate in a secure place. If your digital certificate is lost, you will need to re-load it to view any messages that have been encrypted for you. See the Private Key Protection and Revocation Instructions that you received with your IDscript Professional Certificate for specific instructions on making a backup copy.

5. How do I update the information in my IDscript Professional Certificate?

Answer: The information contained in a digital certificate cannot be changed. If changes are required (e.g., new e-mail address), you will need to obtain a new certificate.

6. How do I renew my IDscript Professional Certificate?

Answer: IDscript will contact you prior to your certificate's expiration date to arrange for a renewal certificate to be issued.

7. Should I keep my IDscript Professional Certificate private?

Answer: A certificate is a public document that binds your private key to your identity information. While you must keep your private key confidential, you should publicize your certificate as widely as possible so others can use the information in it to engage in secure e-commerce and communications with you. IDscript will make your certificate available on the World Wide Web to enable others to find it. Because your certificate contains your identity information and the associated public key, it does not need to be kept private.

Your private key is separate from your certificate. It is not displayed in your certificate and cannot be determined from the information displayed in your certificate. You must protect your private key and keep it a secret. Most people store their private keys using the password protection of their Web browser.

8. Why must I keep my private key confidential?

Answer: Your private encryption key is literally the key that opens up your digital certificate. The private key is used to digitally sign your communications which others can verify using your public key that is part of your certificate. Your private key is also used to decrypt private information so that only you may read it. If someone else obtained your private key, that person could masquerade as you, digitally sign as you, and read your encrypted information.

How does an IDscript digital certificate work?

A digital certificate contains two parts, a public key and a private key. The private key is your unique identifier, an electronic fingerprint if you will, or a key that only you have access to. The public key is a matching component that you allow other people to use. The two pieces of the key are mathematically related so that you cannot decipher one from the other, but electronic data encrypted with one can be decrypted with the other. In brief the system works like this:

1. You "sign" an email (IDscript Professional Digital Certificates) or an Internet server transmission (IDscript SSL Server Digital Certificate) with your private key.
2. The recipient of that transmission then checks the signature with your public key.
3. If you are the only person with access to your private key, and the public key matches, they can be sure that the transmission came from you.

How do I use my digital certificate?

Once you receive your digital certificate, you will also receive instructions on how to install your key.

For IDscript Professional Digital Certificates, you install your digital certificate on the computer on which you utilize your e-mail. Once it's installed, all you have to do is send e-mail like usual and your digital signature is will be automatically attached, insuring the security and authentication of your communications. You can configure your computer to always attach your digital certificate and encrypt your messages or only to do so when you want that level of security.

For IDscript SSL Server Digital Certificates, you need to set up a secure web-server that knows your private key. Then any third-party from the Internet contacting that web server is able to validate the identity of your server.

How do I purchase my IDscript Digital Certificate?

Please click on the following link to order your IDscript digital certificate today.

PKI Basics Digital Signatures and Public Key Infrastructure (PKI) 101