In the simplest case, the owner of a NetKey/ IDKey can issue himself a certificate. This is then a self-signed certificate. Strictly speaking, the owner therefore only claims that he has a specific identity and possesses a specific key.

From a technical viewpoint, such certificates can be used for all purposes whereby the certificate is accepted as being legitimate. Identity checking in such cases usually takes place in advance, e.g., by phone or in a face-to-face meeting when there is an agreement to collaborate on this basis.