Fandom

The IT Law Wiki

Certification authority

32,198pages on
this wiki
Add New Page
Talk0 Share

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.

Definition Edit

A certification authority (also called a certificate authority or CA) is

similar to a notary. It is a specially established trusted organization or part of a larger organization that accepts the responsibility of managing the certificate process by overseeing the generation, distribution, renewal, revocation, and suspension of digital certificates.
organizations that issue digital certificates. These digital certificates certify the ownership of a public key by the named subject of the certificate. This allows others to rely upon signatures or assertions made by the private key that corresponds to the certified public key. The CAs typically validate the identities of requestors before they issue certificates. This system breaks down, however, if CAs are unable to validate the applicants they vouch for and their authority over the domain name for which the certificate is applied.[1]

Overview Edit

Certification authorities are a main component of a PKI, which uses cryptographic techniques to generate and manage digital certificates.

The certification authority may set restrictions on a certificate, such as the starting date for which the certificate is valid as well as its expiration date. It is at times necessary to revoke digital certificates before their established expiration dates, for example, when the certificate holder leaves the issuing organization or when the private key is compromised. Therefore, the certification authority is also responsible for providing certificate status information and may publish a certificate revocation list in a directory or maintain an online status-checking mechanism.

Users of digital certificates are dependent on certification authorities to verify the digital certificates. If a valid certification authority is not used, or a certification authority makes a mistake or is the victim of a cyber attack, a digital certificate may be ineffective.

References Edit

  1. SSAC Advisory on Internal Name Certificates, at 4.

See also Edit

Also on Fandom

Random Wiki