Blueworx Voice Response Voice over IP supports digital certificates that comply with the X.509 standard.
In addition to the standards that specify the data format for a digital certificate, there are also standards for determining whether a certificate is valid. These standards have been updated over time in to prevent certain types of security breach. For example, older X.509 version 1 and 2 certificates did not indicate whether the certificate could be legitimately used to sign other certificates. A malicious user could obtain a personal certificate from a legitimate source and create new certificates that were designed to impersonate other users.
When using X.509 version 3 certificates, the BasicConstraints and KeyUsage certificate extensions are used to specify which certificates can legitimately sign other certificates. The IETF RFC 5280 standard specifies a series of certificate validation rules that compliant application software must implement to prevent impersonation attacks. A set of certificate rules is known as a certificate validation policy.