Joe, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use
to verify the validity’s of Joe’s certificate? (Select TWO).

A.
The CA’s public key

B.
Joe’s private key

C.
Ann’s public key

D.
The CA’s private key

E.
Joe’s public key

F.
Ann’s private key

Explanation:
Joe wants to send a message to Ann. It’s important that this message not be altered. Joe will use
the private key to create a digital signature. The message is, in effect, signed with the private key.
Joe then sends the message to Ann. Ann will use the public key attached to the message to
validate the digital signature. If the values match, Ann knows the message is authentic and came
from Joe. Ann will use a key provided by Joe—the public key—to decrypt the message. Most
digital signature implementations also use a hash to verify that the message has not been altered,
intentionally or accidently, in transit. Thus Ann would compare the signature area referred to as a
message in the message with the calculated value digest (her private key in this case). If the
values match, the message hasn’t been tampered with and the originator is verified as the person
they claim to be. This process provides message integrity, nonrepudiation, and authentication.
A certificate authority (CA) is an organization that is responsible for issuing, revoking, and
distributing certificates. A certificate is nothing more than a mechanism that associates the public
key with an individual.
If Joe wants to send Ann an encrypted e-mail, there should be a mechanism to verify to Ann that
the message received from Mike is really from Joe. If a third party (the CA) vouches for Joe and
Ann trusts that third party, Ann can assume that the message is authentic because the third party
says so.