The present invention relates to certificate use within messaging environments. More particularly, the present invention relates to generalized certificate use in policy-based secure messaging environments.
Digital certificates, such as, for example, those based upon the X.509 standard used in a public key infrastructure (PKI), may be used to both sign and encrypt data using, for example, a public-key cryptography standard (PKCS), such as PKCS#7. Data that is digitally signed in this case is signed using the private key of the originator (or sender) of the data, and the signature is verified by the recipient using the public key of the sender's certificate. Data that is encrypted is encrypted using the public key of the intended recipient, so that it is encrypted for that particular recipient, and the recipient uses the recipient's own private key to decrypt the data.
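The key usage described above can be exercised end to end with the OpenSSL command-line tool. The following is an added illustration, not part of the original text: the two self-signed certificates, the file names and the message are constructed, and the function name `pkcs7_roundtrip` is hypothetical. It signs and encrypts as the sender, decrypts and verifies as the recipient, and then confirms that the wrong private key cannot decrypt and that the wrong certificate does not verify.

```shell
# Added illustration; identities, file names and the message are constructed.
pkcs7_roundtrip() {
  _d=$(mktemp -d) || return 1
  (
    cd "$_d" || exit 1
    # Throwaway self-signed X.509 certificates, one per party.
    for who in sender recipient; do
      openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$who" \
        -keyout "$who.key" -out "$who.crt" 2>/dev/null || exit 1
    done
    printf 'quarterly report, draft 3\n' > msg.txt

    # Sender: sign with the sender's PRIVATE key (the certificate is embedded).
    openssl smime -sign -binary -nodetach -in msg.txt \
      -signer sender.crt -inkey sender.key -outform DER -out signed.p7 || exit 1
    # Sender: encrypt the signed PKCS#7 blob to the recipient's PUBLIC key.
    openssl smime -encrypt -binary -aes-256-cbc -in signed.p7 \
      -outform DER -out enveloped.p7 recipient.crt || exit 1

    # Recipient: decrypt with the recipient's PRIVATE key.
    openssl smime -decrypt -binary -inform DER -in enveloped.p7 \
      -recip recipient.crt -inkey recipient.key -out opened.p7 || exit 1
    # Recipient: verify, trusting only the sender's certificate.
    openssl smime -verify -binary -inform DER -in opened.p7 \
      -CAfile sender.crt -out recovered.txt 2>/dev/null || exit 1
    cmp -s msg.txt recovered.txt || exit 1

    # Negative check: the sender's key pair cannot open the envelope.
    if openssl smime -decrypt -inform DER -in enveloped.p7 -recip sender.crt \
         -inkey sender.key -out /dev/null 2>/dev/null; then exit 2; fi
    # Negative check: the signature does not chain to the recipient's certificate.
    if openssl smime -verify -inform DER -in opened.p7 \
         -CAfile recipient.crt -out /dev/null 2>/dev/null; then exit 3; fi
  )
  _rc=$?
  rm -rf "$_d"
  return "$_rc"
}

pkcs7_roundtrip && echo "round trip and both negative checks passed"
```

A return status of 2 or 3 identifies which negative check unexpectedly succeeded; any other non-zero status means a step of the normal sign, encrypt, decrypt, verify path failed.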