Technically, the certificate is a block of data signed by the certificate issuer (the CA). The relevant fields are:
-
Unique identifier (name) of the certificate issuer
-
Time range during which the certificate is valid
-
Unique identifier (name) of the certified object
-
Public key of the certified object
-
The issuer's signature over all the above
If this certificate is to be verified, the verifier must have a table of the names and public keys of trusted CAs. For simplicity, these tables should list certificates issued by the respective CAs for themselves (self-signed certificates).
