Secure communication over nonsecure networks generally involves two major areas of concern: privacy and authentication.
For greater privacy, users sometimes need to prevent anyone except the intended recipient from being able to read a message. Ensuring privacy usually involves some form of a process known as cryptography, which is discussed in the following section.
Authentication is the need to know that the entity with whom you are communicating is, in fact, who it claims to be. Perhaps the most common method of accomplishing authentication is through the use of certificates. A certificate is a set of data that identifies an entity, contains that entity's public key (a cryptographic key) and is issued by a trusted organization or entity called a Certification Authority (CA) only after a CA has verified that the entity is who it says it is. The communication between the CA and the certificate requester could be accomplished by the requester physically carrying the necessary information, stored on a floppy disk, to the CA. However, the communication is usually accomplished with a signed message sent over a network. The CA often uses a trusted application program called a certificate server.