X.509

X.509 is a globally accepted digital certificate standard that was started in 1988 and is part of the International Telecommunications Union's Telecommunication Standardization. It is a public key infrastructure (PKI) standard used to verify whether a public key belongs to a given user or computer. An X.509 certificate contains information about the identity to which the certificate is issued and the identity that issued it. The information in an X.509 certificate is:

- Version
- Serial Number
- Algorithm information
- Issuer distinguished name
- Validity period of the certificate
- Subject distinguished name
- Subject public key information
- Issuer Unique ID
- Subject Unique ID
- Extensions

Version: Contains the version of the X.509 certificate. The possible values are 0, 1 or 2, as only three versions have come out to date.

Serial Number: Contains the positive, unique integer assigned by the certificate authority (CA).

Algorithm information: Contains an object identifier (OID) that specifies the algorithm used by the CA to sign the certificate.

Issuer distinguished name: Contains the distinguished name of the CA that created and signed the certificate.

Validity period of the certificate: Specifies the time interval during which the certificate is valid.

Subject distinguished name: Contains the distinguished name of the entity associated with the public key contained in the certificate.

Subject public key information: Contains the public key and the algorithm associated with it.

Issuer Unique ID: Introduced from version 1, it contains a unique value that is used to make the CA unambiguous.

Subject Unique ID: Introduced from version 1, it contains a unique value that is used to make the name of the certificate unambiguous.

Extensions: Introduced from version 2, this field allows the CA to have extensions.

The structure of the X.509 certificate can be understood with the following diagram:

[Diagram: the certificate fields in order (Version, Serial Number, Signature Algorithm Identifier, Issuer Name, Validity Period, Subject Name, Public Key Information, Issuer Unique ID, Subject Unique ID, Extensions), with brackets labelled Version 1, Version 2 and Version 3.]

This is the structure of an X.509 certificate.

The structure of the X.509 certificate is important because it helps make the data we transfer over the internet stronger and more secure. Because keys are used to lock and unlock the message, it is unreadable to outsiders who do not possess the key to unlock it. For example: I want to transfer a file that is really important and confidential to my boss, but he is in India. I cannot go there and meet him personally, so I will have to mail or forward the message to him through the internet. Because of the X.509 certificate I will be able to make the message secure: I will send a message and attach a key to it that is known only to him. People who try to read the message will not be able to decipher it, as they will not have the key and will see the message as unreadable, but when the message reaches him he will be able to read it, as he has the key that can unlock and decipher it. This is the reason why the X.509 certificate is important.

There are different cryptographic functions, and the X.509 certificate is implemented with them as follows:

Symmetric encryption functions:
When a single key is used to encrypt and decrypt, it is known as a symmetric encryption function. It is also known as a shared key function. With this kind of function the first version of X.509 was used, as both encryption and decryption were done using the same key, so there was no issuer unique ID, subject unique ID or extensions.

Asymmetric encryption functions:
When two keys are used, one for encryption and one for decryption, it is known as asymmetric encryption. It is also known as a public key function. With this function a public key is used to encrypt the data and a private key is used to decrypt the data. When this encryption function is used, the 2nd version of X.509 is used, as different keys are used for encryption and decryption, so it has an issuer unique ID and a subject unique ID.

Hash functions:
Hashing is a form of cryptographic security that differs from encryption. In hashing, the message is changed into an irreversible fixed-length value, or hash. Hashing is used only to verify data. It is mostly used with a secret key for error checking. Common hash functions are MD5 and SHA-1. X.509 version 3 is used in hashing, as extensions are used to confirm whether the hashed value shows the required message.
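The field order and version rules listed above can be checked mechanically. The following is an added example, not part of the original page: it walks the to-be-signed part of a DER-encoded certificate with the Python standard library only, maps each element to the field names used above, and rejects a unique ID or an extensions field when the version value is too low. The function names and the sample bytes are constructed for illustration.

```python
FIELDS = ["Serial Number", "Algorithm information", "Issuer distinguished name",
          "Validity period of the certificate", "Subject distinguished name",
          "Subject public key information"]
OPTIONAL = {0x81: ("Issuer Unique ID", 1), 0x82: ("Subject Unique ID", 1),
            0xA3: ("Extensions", 2)}  # tag -> (name, lowest version value allowed)

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER element")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def tbs_fields(tbs_der):
    """Map the field names used above to the raw DER value of each field."""
    tag, body, _ = read_tlv(tbs_der, 0)
    if tag != 0x30:
        raise ValueError("TBSCertificate must be a SEQUENCE")
    out, pos = {"Version": 0}, 0           # an absent version field means value 0
    tag, val, nxt = read_tlv(body, 0)
    if tag == 0xA0:                        # [0] EXPLICIT wrapper around the INTEGER
        out["Version"], pos = read_tlv(val, 0)[1][-1], nxt
    for name in FIELDS:                    # mandatory fields, fixed order
        _, out[name], pos = read_tlv(body, pos)
    while pos < len(body):                 # optional trailing fields
        tag, val, pos = read_tlv(body, pos)
        name, min_version = OPTIONAL.get(tag, (None, 0))
        if name is None or out["Version"] < min_version:
            raise ValueError(f"tag {tag:#x} not allowed at version value {out['Version']}")
        out[name] = val
    return out

def tlv(tag, value):  # short-form DER encoder, enough for the small sample below
    return bytes([tag, len(value)]) + value

def sample_tbs(version, extras=b""):
    """Constructed sample with placeholder contents; not a real certificate."""
    core = (tlv(0x02, b"\x01")                                           # serial
            + tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d01010b")))  # sha256WithRSAEncryption
            + tlv(0x30, b"")                                             # issuer (empty)
            + tlv(0x30, tlv(0x17, b"250101000000Z") + tlv(0x17, b"260101000000Z"))
            + tlv(0x30, b"") + tlv(0x30, b""))                           # subject, public key
    ver = tlv(0xA0, tlv(0x02, bytes([version]))) if version else b""
    return tlv(0x30, ver + core + extras)
```

Calling `tbs_fields(sample_tbs(2, tlv(0xA3, tlv(0x30, b""))))` returns a dictionary whose keys follow the field order above, while the same extras with version value 0 raise `ValueError`.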