Certificate Authorities (CAs)
A Certificate Authority is the digital worlds version of a notary public. A Certificate Authority (or CA) is a trusted third party (hopefully a responsible one) that verifies the legitimacy of the public/private key pair as really belonging to the individual in question. They use a variety of techniques, such as verifying ones email address. You can request a digital certificate from a prominent CA such as VeriSign or Thawte, or (if you only need one for internal testing and dont need strong validity for production use) generate one yourself using a variety of development tools.
A huge list of CAs can be found at http://www.pki-page.org. Be aware that the cost for obtaining a digital certificate varies greatly on the source CA you choose, and the use to which you intend to put the certificate (certificates used by those who engage in high-value transactions normally undergo a more rigorous identity-verification process, and thus cost more).
Some public Certificate Authorities (CAs) are specifically authorized or approved by governmental entities, such as the Utah and California state governments.
Not all Certificate Authorities are public. Some organizations may opt to create an internal Certificate Authority for purposes of issuing internal digital certificates to staff.
A Certificate Authority:
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.