Encipherment Certificate

d-Cert (Encipherment) certificates are to be used only:

1. to send encrypted electronic messages to the Subscriber Organisation;
2. to permit the Subscriber Organisation to decrypt messages; and
3. to permit the Subscriber’s organization to issue an acknowledgement message with a digital signature to confirm its identity as the recipient, thereby verifying successful receipt and decryption of the transmitted encrypted message.

Further, digital signatures generated by this class of certificate are only to be used to acknowledge the receipt of electronic messages in transactions which are not related to or connected with the payment of money on-line or the making of any investment on-line or the conferring on-line of any financial benefit on any person or persons or entities of whatsoever nature and under no circumstances are digital signatures generated by these certificates to be used to acknowledge the receipt of messages sent in connection with the negotiation or conclusion of a contract or any legally binding agreement.

The “Key Usage” extension field specifies the usage of the key pair. For d-Cert (Encipherment), only the “Key Encipherment” bit and “Digital Signature” bit are set.