What Is a Digital Signature?
Digital signature is a process that guarantees that the contents of a message have not been altered in transit.
When you, the server, digitally sign a document, you add a one-way hash (encryption) of the message content using your public and private key pair.
Your client can still read it, but the process creates a "signature" that only the server's public key can decrypt. The client, using the server's public key, can then validate the sender as well as the integrity of message contents.
- an email
- an online order
- or a watermarked photograph on eBay
if the transmission arrives but the digital signature does not match the public key in the digital certificate, then the client knows that the message has not been altered.
Other Uses for Digital Signatures
On the other hand, sometimes you need to prove that a document came from someone else and has not been altered along the way. In legal matters, for example, you may need to prove that a contract has not been altered since someone sent it as an email.
Because the computer tenaciously pairs the digital signature to one saved version of the document, it is nearly impossible to repudiate a digitally signed document.
Or, if you are a developer distributing software online, you may need to reassure your customers that your executables really are from you. Put a code-signing certificate in your toolkit.