Preferred licensing method
The issuer of the credentials creates an information file and sends it to the user. In this procedure, each user creates a private key, a public key, and a certificate request file. The user then sends a User Information file containing the certificate request back to the issuer.
After checking the contents of the certificate request file, the issuer sends a certificate to the user. The user then tests the certificate to ensure it matches the private key.
There are two advantages to this procedure:
- The user’s private key is never exposed. Users can prove that no other person has seen the private key.
- The certificate request and certificate can be transmitted "in the clear" because they contain only public information.