Page 64 - Microsoft Office Excel 2003 Programming Inside Out
P. 64
Microsoft Office Excel 2003 Programming Inside Out
lbapp. The key you’ll actually generate is much, much longer, and it’s split into two pieces: a
public half and a private half. The private half, called your private key, is to be kept secret; you
don’t need to share it with anyone else, and anyone who asks you to do so does not have your
best interests at heart. You can and should distribute the public half, called the public key, to
anyone with whom you will exchange digitally signed files. The trick behind public-key
encryption is that anyone who has a copy of your public key can verify that a document you
signed using your private key is from you and is unchanged since you signed it. It’s important
to note that anyone who attempts to sign a file using your public key will not appear to be you.
Depending on the encryption software package you use, you might be able to use your pub€
lic-key and private-key pair to digitally sign workbooks and macro code that you distribute
over your internal network. The problem with using keys that aren’t distributed outside your
organization is that no one outside your network will have any idea whether your signature is
valid or not. If you need to work with individuals outside your corporate network, you can
obtain a digital certificate from a trusted third-party vendor. A digital certificate is an electronic
file that identifies you, and contains information such as your organization name, the certif€
icate’s issuing authority, your e-mail address and country, and the certificate’s expiration
date, and it has a copy of your public key. After you sign a document using a digital certifi€
cate, anyone who wants to verify that the certificate used to sign the document belongs to you
can go to the key server maintained by the issuing authority and match the signature to your
public key.
Chapter 3
Inside Out
Digital Certificates: You Can Even Create Your Own
There was a lot of competition in the digital certificate market in the latter half of the
1990s, as various companies vied for a share of the trusted authority pie. At the end of the
decade, two companies stood out: VeriSign, and Thawte Consulting. In December 1999,
VeriSign ended the competition by buying Thawte, consolidating the two largest digital
certificate providers under a single corporate umbrella. You can visit the companies at
http://www.verisign.com/ or http://www.thawte.com/ to get a feel for the products and
services they offer.
While Thawte and VeriSign are the leaders in the digital certificate market, you should pay
close attention to the disclaimers they have in their standard contract. While they make
their best effort to verify the identity of the individuals and organizations that purchase dig
ital certificates, they do not warrant that their methods are infallible and, in fact, require you
to hold them harmless should someone evade their verification procedures and assume a
false digital identity.
38
Part 2: Visual Basic for Applications
