Symbian
Symbian OS Library

SYMBIAN OS V9.3

[Index] [Spacer] [Previous] [Next]



WTLS Certificates Overview

WTLS certificates are used for authenticating entities in WTLS, the security layer protocol in the WAP architecture. The WTLS specification [WTLS 1.0], defines the certificate and its use, as well as the protocol itself.

The WTLS protocol is heavily based on TLS [RFC 2246], which is widely used to provide privacy and data integrity between two applications communicating using the Internet. In turn, TLS is heavily based on SSL version 3.0.

All these protocols use Public Key Cryptography to achieve the goals of privacy and data integrity. Public Key Cryptography is used to reduce the problem of how to achieve these goals from a secrecy requirement to a requirement of authentication. That is, given two entities A and B, if A can demonstrate possession of the private key corresponding to the public key which it supplies, and B can do the same, then the use of Public Key Cryptography will enable them to communicate privately. Certificates are used to demonstrate this possession: the prover will supply a set of certificates beginning with their own, and the verifier will attempt to construct and validate a chain beginning with the prover's own certificate and terminating in a certificate already trusted by the verifier.

Three levels of security are provided by WTLS:

For server authentication WTLS certificates are used: thus, WAP clients don't have to deal with X.509 certificates. However, for client authentication X.509 certificates are used to leverage existing PKIs.

Symbian OS support for TLS/SSL and WTLS certificate management only includes server authentication. Thus, the WTLS certificate management only offers support for the validation of chains composed exclusively of WTLS certificates, and the storage of WTLS certificates.

Certman offers the following functionality for processing WTLS certificates: