Cyber Security

Web Security - Certificates

Internet security is based on certificates. These certificates may be issued from several sources including commercial, BCT, or DoD. Each of these publish their Root Certificate Authority (CA).



Installation Procedures

The following installation procedures apply to root CA's from commerical, BCT, or DoD issuers.

Windows Installation instructions.

Macintosh Installation instructions.

iPhone Installation instructions.


Certificate Concepts

Read this section if you would like a more detailed explanation of why we operate our own certificate system and why you should install our corporate root certificate.

Certificates are used to set up a secure connection to an internet website. This includes authentication of the server and establishing an encrypted session with the web server to protect your information from being intercepted and read by unauthorized people or machines. The technical name for the secure session is Transport Layer Security (TLS), but this is more commonly referred to by the original terminology Secure Socket Layer (SSL).

When you first connect to any of our BCT-LLC secure sites, your web browser checks the certificate for these sites, and if you have not previously established a chain-of-trust for BCT-LLC servers by installing our root certificate, your browser has no way of knowing that you trust our servers. It lets you know this with a warning, which you can safely choose to ignore. These warnings are intended to protect people against spammers and phishers who use fake links that people click but do not really know to whom they are connecting.

The chain-of-trust is an unbroken sequence of trusted connections beginning with a trusted root authority and ending with the individual user. All that a certificate warning is checking is whether or not the web site's name has been verified by someone you trust; either a specific root certificate authority you have installed, or from one of the commercial companies that sell certificates for verified web sites.

Microsoft, Apple, and other vendors operate programs to qualify and pre-install trusted root certificate authorities as part of their operating system. These vendors trust these root certificate authorities based on their criteria, which they publish. You should note that this list includes a large number of commercial firms who sell certificates to web sites and other companies as a revenue stream. This list of default trusted root certificate authorities also includes many foreign governments.

We believe that our own directly assigned chain-of-trust is more relevant than Microsoft's or Apple's defaults. If you believe that you are receiving our BCT LLC root certificate authority in a secure manner from a source that you know (such as this web site), then you can safely receive and install our root certificate as trusted, and the warnings will go away. If you want additional verification for your "chain of trust", then call us on the phone and we will verbally verify the certificate. You can download the certificate yourself from this web site.


PGP Key

If you need to communicate with us securely, you may use PGP encrypted messages.

Read more about using PGP.