ID Austria
Certificates for Emails
Certificates for Web Servers
Code Signing Certificates
Official Signatur
Company Signatur
The ID Austria, a form of qualified electronic signature is used at TU Graz e. g. for login into the SSO system, or for resetting a forgotten or expired password.
Email signature and encryption are a separate topic.
In order to be able to transmit data on the Internet confidentially (i. e., only readable by authorized persons), it must be transported in encrypted form. SSL/TLS (only accessible to IT officers) has become established for this purpose in the area of web servers: a hybrid encryption method in which a fast symmetric (session-related) key is exchanged via (slow) asymmetric encryption.
For asymmetric encryption to work, you have to trust the public key of the website (namely, that this really is, for example, the key of the bank you want to communicate with and that therefore only the bank can decrypt the transmitted data again). This can be done either by mutual trust (WoT) or by certificates with which a Certificate Authority (CA) confirms that a key is valid and belongs to the right place; you then "only" have to trust this CA.
On the Web, the variant with certificate chains has become established and the root certificates of many CAs are already entered in the browsers, so that certificates issued by these CAs are automatically trusted.
Such a certificate generally costs a lot of money, but as participants in ACOnet we have the opportunity to obtain them free of charge within the framework of TCS.
Code signing certificates are only be available for HSM.
Graz University of Technology uses the official signature in the area of study services for the signing of certificates.
A company signature (an official signature without the character of an official notice) is used in the area of accounting/SAP for orders.
Non-personal certificates such as the official and company signature are often also called "electronic seals".
