Certificates
There are three kinds of certificates: server certificates, authority certificates and
user certificates.
• The phone uses a server certificate to improve security in connection between
the phone and the gateway. The phone receives the server certificate from the
service provider before the connection is established and its validity is checked
using the authority certificates saved in the phone. Server certificates are not
saved.
The security indicator
is displayed during a connection, if the data
transmission between the phone and the gateway (identified by the
IP address
in the
Edit active service settings
-
Bearer settings
) is encrypted.
However, the security indicator does not indicate that the data transmission
between the gateway and the content server (place where the requested
resource is saved) is secure. It is up to the service provider to secure the data
transmission between the gateway and the content server.
• Authority certificates are used by some services, such as banking services, for
checking the validity of other certificates. Authority certificates can either be
saved in the security module by the service provider, or they can be
downloaded from the network, if the service supports the use of authority
certificates.
• User certificates are issued to users by a Certifying Authority. User certificates
are required, for example, to make a digital signature and they associate the
user with a specific private key in a security module.
Copyright
©
2003 Nokia. All rights reserved.
136
Important: Note, however, that even if the use of certificates makes the
risks involved in remote connections and software installation
considerably smaller, they must be used correctly in order to benefit from
increased security. The existence of a certificate does not offer any
protection by itself; the certificate manager must contain correct,
authentic, or trusted certificates for increased security to be available.
Important: Certificates have a restricted lifetime. If Expired certificate or
Certificate not valid yet is shown even if the certificate should be valid,
check that the current date and time in your phone are correct.
Important: Before changing these settings, you must make sure that you
really trust the owner of the certificate and that the certificate really
belongs to the listed owner.