Preferred licensing method

The issuer of the credentials creates an information file and sends it to the user. In this procedure, each user creates a private key, a public key, and a certificate request file. The user then sends a User Information file containing the certificate request back to the issuer.

After checking the contents of the certificate request file, the issuer sends a certificate to the user. The user then tests the certificate to ensure it matches the private key.

There are two advantages to this procedure:

  • The user’s private key is never exposed. Users can prove that no other person has seen the private key.
  • The certificate request and certificate can be transmitted "in the clear" because they contain only public information.