Certificate Authority

Also found in: Dictionary, Thesaurus, Medical, Financial, Acronyms, Wikipedia.
Related to Certificate Authority: Comodo

Certificate Authority

(cryptography, body)
(CA or "Trusted Third Party") An entity (typically a company) that issues digital certificates to other entities (organisations or individuals) to allow them to prove their identity to others. A Certificate Authority might be an external company such as VeriSign that offers digital certificate services or they might be an internal organisation such as a corporate MIS department. The Certificate Authority's chief function is to verify the identity of entities and issue digital certificates attesting to that identity.

The process uses public key cryptography to create a "network of trust". If I want to prove my identity to you, I ask a CA (who you trust to have verified my identity) to encrypt a hash of my signed key with their private key. Then you can use the CA's public key to decrypt the hash and compare it with a hash you calculate yourself. Hashes are used to decrease the amount of data that needs to be transmitted. The hash function must be cryptographically strong, e.g. MD5.

This article is provided by FOLDOC - Free Online Dictionary of Computing (foldoc.org)


(1) (Certification Authority or Certificate Authority) An organization that issues digital certificates (digital IDs) and makes its public key widely available to its intended audience. See digital certificate and cryptography.

(2) See CA Technologies.

(3) (Continuous Availability) See fault tolerant.

(4) (.CA) The country code for Canada. See country code.
Copyright © 1981-2019 by The Computer Language Company Inc. All Rights reserved. THIS DEFINITION IS FOR PERSONAL USE ONLY. All other reproduction is strictly prohibited without permission from the publisher.
References in periodicals archive ?
This also makes the registration authority and the certificate authority parties to the use of the signature.
NORDIC BUSINESS REPORT-10 September 2003-Sweden Post to hand over Certificate Authority operations to TeliaSonera(C)1994-2003 M2 COMMUNICATIONS LTD http://www.m2.com
To prevent that, FERC says it intends to continue to closely monitor blanket certificate projects, and in cases when a project sponsor relies on blanket certificate authority for multiple projects, to review blanket activities to verify that individual projects are not piecemeal portions of a larger integrated undertaking.
This recent certificate authority attack means that a criminal site could have a valid website certificate for a bank that would make the criminal site seem legitimate to software protections in browsers and anti-virus programs.
To recap, when it issued the Order 686, FERC broadened the types of natural gas projects permitted under blanket certificate authority to include certain mainline, storage, and LNG and synthetic gas pipeline facilities, and increased the blanket certificate project cost limits from $8.2 to $9.6 million for automatic authorization projects and from $22.7 to $27.4 million for prior notice projects.
There are not many CSOs or IT Security Directors who can expect to survive a digital certificate compromise or a certificate authority (CA) compromise on the basis of "there were no warning signs."
A user has posted a video on how to remove the software manually, but reports further say removing Superfish software can leave root certificate authority behind.
In a recent poll of vSEC:CMS customers, users said they rely heavily on the identification and access management solution to unblock and change user PINs, to connect to Microsoft Active Directory, and for connections to the Certificate Authority. Other top uses included remotely unblocking user pins, performing certificate lifecycle management, creating PIN policy updates, connecting to the mail server and facilitating user self-service card renewals.
To address this cybersecurity risk and increase compliance with industry and government regulations, Sectigo (formerly Comodo CA), the world's largest commercial Certificate Authority and a provider of web security solutions, has released the industry's first Zero-Touch deployment email encryption and digital signing solution to use the Secure/Multipurpose Internet Mail Extension (S/MIME) protocol.
* Best - Extended Validation (EV): The Certificate Authority follows a uniformly high set of authentication procedures specified by the governing industry standards body to ensure that the true identity of the certificate holder is represented.
Additionally, it is fully interoperable with both Intel Shiva Access Manager and the Intel Shiva Certificate Authority for integrated direct-dial and VPN authentication, authorization and accounting.

Full browser ?