34,333
edits
Changes
→Certificate Authorities
Now that we have a basic understand what a PKI is and what it does we can begin to look at the various components of a PKI.
== Certificate Authorities (CA) == A ''certificate authority'' (CA) is the trusted third party responsible for validating the identity of a person or organization. Once the identity has been verified a ''certificate server'' generates a ''digital certificate'' containing the subject's public key. The digital certificate is then digitally signed with the CA's private key. Certificate Authorities are real organizations consisting of people and technologies whose job it is to validate the identity of those seeking digital certificates. The process of a CA are outlined documents known as ''certification practices statements'' (CPS). This document outlines issues such as how identities are confirmed and how digital certificates are maintained and transmitted. Before engaging the services of a CA it is important to carefully read the organizations CPS. == Registration Authorities (RA) ==
