FAQ
Frequently (and less often) asked questions about the security and how the system works.
All digital certificates issued by Tauliah are X.509v3 digital certificates. These are digital documents that contain a variety of credential information that is digitally signed by a certificate authority.
X.509 is a defined International Telecommunications Union (ITU) standard. First created in 1988, it has become the gold standard for digital certificates. The Internet Engineering Task Force (IETF) working group adapted the standard to the more flexible organization of the Internet. In fact, the term X.509 certificate usually refers to the IETF’s PKIX certificate and CRL Profile of the X.509 v3 certificate standard, as specified in RFC 5280, commonly called PKIX for Public Key Infrastructure (X.509).
Each digital certificate issued by Tauliah is signed using Elliptic Curve Cryptography (ECC) – the same kind of digital signature technology used by Bitcoin for security. A digital signature ensures the integrity of a digital document, which prevents tampering and provides publicly verifiable authenticity.
Just fill up the credentials that you wish to issue into a spreadsheet (according to the template provided) and upload it with your order. Once payment is received, the digital certificates are issued automatically based on the information provided in the spreadsheet. Ensure that the details are accurate as we cannot alter any certificate once it is issued – this is a security feature.
You may provide as much information as you wish. The X.509v3 digital certificates store a number of different fields: Name, Serial Number, Event Title, Event Detail, License Number, Country, State/City, Expiry Date, Email Address, etc. These fields cover most applications that require digital certificates. Details for each field of data is provided in the sample spreadsheet template provided below.
Once payment is received, the whole process of issuing a secure digital certificate, rendering and encrypting a printable PDF certificate, and sending out an email to the recipient, takes about a second for each certificate. So a typical order is fulfilled in a matter of minutes. Feel free to issue as many certificates as you need.
As digital certificates are not human-readable, a printable PDF certificate is provided as a supplement. The PDF certificate will be automatically sent out via email. That person will be able to download the certificate for printing.
Each downloaded PDF certificate is encrypted using the state-of-the-art Advanced Encryption Standard (AES) cipher with a randomly generated key that is only known to the owner/user of the document. This is the same encryption algorithm used by global governments to protect state secrets. So, there is no need to worry about anyone else other than the owner/user being able to access or alter the document.
There are a number of different generic and specialty layouts that subscribers are able to choose from. Most layouts are available in a portrait/landscape orientation. With an appropriate subscription, certain elements of a certificate can be altered such as the logo, font, and colours. Some plans include a designer certificate customised to the specific subscriber – for a small design fee.
Each issued certificate comes with a link-back to a publicly accessible web-based validation application. The link-back is coded into the digital certificate and printed as text on the PDF certificate and as a QR code. Once the certificate is validated, the application displays the entire Chain of Trust to the user, along with issuer and certificate details. If the validation fails, it displays an error message to inform the user. The web application is built using industry standard web technologies.
Yes, the link-back provided in both the digital and digitised certificates can be publicly shared by the owner/user. The validation application also provides convenient shareable links to several popular social media sites that will link-back to the application to easily validate the certificate credentials.
For subscribers on the appropriate plan, the logo, font and colour scheme of the application is customisable.
You can terminate your paid subscription plan at any time by stopping it at the end of the current billing cycle. Upon termination, you will no longer be able to issue any new certificates. In addition, you may lose access to the validation application – your end-users may lose the ability to publicly validate their credentials. While existing certificates are not deleted, they may be moved to archival storage. You will need to inform us by email if you wish to permanently delete all existing certificates.
This can be done by simply disabling automatic renewals from your account page and allowing the subscription to lapse. If this does not work, you may also inform us of your intention to cancel your subscription by email. If you allow your subscription to lapse and wish to re-enable your subscription in the future, you will be billed for the intervening months.