Identity Certificates are documents which act as a way to cryptographic-ally authenticate yourself on the network. The certificates are signed by a central or acting authority
known as the identity Registrar. There are multiple Ephemeral Identity Certificates which are attached and signed by a Master Identity Certificate and the Identity Registrar. The Identity Registrar acts as a protected faucet guarding the network against various Sybil attacks. The Identity Registrar ensures malicious master and or ephemeral certificates aren’t signed which allows services to efficiently deny their connection attempts.Certificates allow the community to establish a decentralized reputation blockchain, which can publicly record good & bad behavior associated with specific certificates. A honeypot can be used to block known bad actors from accessing a service.
The Master Certificate is used to sign various ephemeral certificates and may be used for Identity verification and wallet action authentication. The master key pair is the initial source of authentication for the keypairs. Ephemeral key pairs must be signed by the Master certificate first before they can be submitted to the Identity Registrar for signing.
Ephemeral Certificates, (EC), are a sub certificate to the Master Certificate. ECs act as profiles which are used to access user defined services. For example, wallet certificate, banking certificate, general web browsing certificate or for every service. ECs are also used for the key exchange process which sets up a bi-directional UDSP connection between the origin and host. Since encryption is handled by ephemeral certificates users can easily create a new EC to ensure security is always adapting. However, their root identity being the master certificate is still present and used to validate the EC.
Benefits of Identity Certificates
Users can visit a page, instantly create an account, and then instantly make a purchase. Sites can offer instant login & signup. Certificates remove the need to remember a password as the ephemeral certificates act as access keys. Ephemeral Certificates are created from the browser, which enables users to assign specific certificates to certain services. This is an effective way to mitigate potential damages in the case of theft or a device is lost. Devices can now be limited to certain ephemeral certificates so you can take social media on the go but leave your banking credentials on your home desktop.