Understanding Digital Certificates

To verify the identity of people and organizations on the Web and to ensure content integrity, Internet Explorer uses industry-standard X.509 v3 digital certificates. Certificates are electronic credentials that bind the identity of the certificate owner to a pair (public and private) of electronic keys that can be used to encrypt and sign information digitally. These electronic credentials assure that the keys actually belong to the person or organization specified. Messages can be encrypted with either the public or the private key and then decrypted with the other key.
Each certificate contains at least the following information:

• Owner's public key
• Owner's name or alias
• Expiration date of the certificate
• Serial number of the certificate
• Name of the organization that issued the certificate
• Digital signature of the organization that issued the certificate

Certificates can also contain other user-supplied information, including a postal address, an e-mail address, and basic registration information, such as the country or region, postal code, age, and gender of the user.
Certificates form the basis for secure communication and client and server authentication on the Web. You can use certificates to do the following:

• Verify the identity of clients and servers on the Web.
• Encrypt channels to provide secure communication between clients and servers.
• Encrypt messages for secure Internet e-mail communication.
• Verify the sender's identity for Internet e-mail messages.
• Put your digital signature on executable code that users can download from the Web.
• Verify the source and integrity of signed executable code that users can download from the Web.
• For more details visit MS technet web site