A method and system for secure network communications are disclosed. The method includes receiving at the service provider a request 410 from a client that includes an identifier (e.g., a digital certificate) for the client The identity is authenticated by the service provider by retrieving a stored copy of a digital certificate for the client sending the request and comparing the copy of the digital certificate included with the request to the stored copy. If authenticated, access to the service provider is granted and typically, a response is generated and transmitted to the client that includes an identifier or a digital certificate for the service provider. The client then authenticates 476 the service provider by comparing the certificate with a stored copy prior to transmitting further messages. The method preferably includes encrypting and decrypting the requests and the responses using private and public key pairs associated with the stored digital certificates.