<cryptography, body> (CA or "Trusted Third Party") An entity
(typically a company) that issues digital certificates to
other entities (organisations or individuals) to allow them to
prove their identity to others. A CertificateAuthority might
be an external company such as VeriSign that offers digital
certificate services or they might be an internal organisation
such as a corporate MIS department. The Certificate
Authority's chief function is to verify the identity of
entities and issue digital certificates attesting to that
identity.
The process uses public key cryptography to create a
"network of trust". If I want to prove my identity to you, I
ask a CA (who you trust to have verified my identity) to
encrypt a hash of my signed key with their private key.
Then you can use the CA's public key to decrypt the hash and
compare it with a hash you calculate yourself. Hashes are
used to decrease the amount of data that needs to be
transmitted. The hash function must be {cryptographically
strong}, e.g. MD5.
http://home.netscape.com/comprod/server_central/support/faq/certificate_faq.html#11.
(1998-03-30)
Certificateauthority
In cryptography, a certificateauthority or certification authority (CA) is an entity that stores, signs, and issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate.
An offline root certificateauthority is a certificateauthority (as defined in the X.509 standard and ) which has been isolated from network access, and is often kept in a powered-down state.
In cryptography, a certificate authority or certification authority (CA) is an entity that stores, signs, and issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate.