Getting to grips with Public Key Infrastructure (PKI) can be a challenging task to say the least and it's certainly a subject we would encourage you to understand, but for now we'll assume you know your way around a Microsoft Enterprise Certificate Authority implementation.
It's from this server, whether a root CA or intermediate CA, that certificates will be issued and the two primary types that you're likely to see when working with UAG publishing and certificate authentication, are user certificates and machine certificates (also known as computer certificates). At a glance, they're not much different structurally, but in PKI terms, they serve different purposes. Their exact properties and usage scenarios can be observed through their respective source templates that reside on their issuing CA. Of the two, it is the user certificates that are required for this authentication scheme and the type of certificate template used to create these certificates...