Issuing A Certificate
A CA issues digital certificates that contain a public key and the identity of the owner. The matching private key is not made available publicly, but kept secret by the end user who generated the key pair. The certificate is also a confirmation or validation by the CA that the public key contained in the certificate belongs to the person, organization, server or other entity noted in the certificate. A CA's obligation in such schemes is to verify an applicant's credentials, so that users and relying parties can trust the information in the CA's certificates. CAs use a variety of standards and tests to do so. In essence, the Certificate Authority is responsible for saying "yes, this person is who they say they are, and we, the CA, verify that".
If the user trusts the CA and can verify the CA's signature, then he can also assume that a certain public key does indeed belong to whoever is identified in the certificate.
Read more about this topic: Certificate Authority
Famous quotes containing the word certificate:
“God gave the righteous man a certificate entitling him to food and raiment, but the unrighteous man found a facsimile of the same in Gods coffers, and appropriated it, and obtained food and raiment like the former. It is one of the most extensive systems of counterfeiting that the world has seen.”
—Henry David Thoreau (18171862)