• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 9. Securing Your Internet Transa... > The Almighty Certificate Authority

The Almighty Certificate Authority

A certificate cannot certify itself. That is, by itself, a certificate cannot be trusted. Some entity has to mark the certificate as valid with a trusted seal of approval. The PKI model includes a CA, which essentially signs and validates a given certificate as being trustworthy. The CA is at the top of the PKI pyramid. The CA can be a company like VeriSign, Entrust, or Thawte who manages digital certificates for public Internet citizens. It can also be a government organization like the U.S. Postal Service, or a private company like the one you work for that wants to use certificates for employee identification purposes. Sometimes, a CA can even be an individual like you or me.

We are focusing on CAs that serve the public Internet community, even though any CA serves the same purposes. Many CAs can exist in a single country, and each can operate independently of the other. In many cases, a chain is formed where a large root CA is responsible for establishing a chain of trust between smaller CAs.


PREVIEW

                                                                          

Not a subscriber?

Start A Free Trial


  
  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint