Certificate Authority

(redirected from Certification Authority)
Also found in: Dictionary, Thesaurus, Medical, Financial, Acronyms.

Certificate Authority

(cryptography, body)
(CA or "Trusted Third Party") An entity (typically a company) that issues digital certificates to other entities (organisations or individuals) to allow them to prove their identity to others. A Certificate Authority might be an external company such as VeriSign that offers digital certificate services or they might be an internal organisation such as a corporate MIS department. The Certificate Authority's chief function is to verify the identity of entities and issue digital certificates attesting to that identity.

The process uses public key cryptography to create a "network of trust". If I want to prove my identity to you, I ask a CA (who you trust to have verified my identity) to encrypt a hash of my signed key with their private key. Then you can use the CA's public key to decrypt the hash and compare it with a hash you calculate yourself. Hashes are used to decrease the amount of data that needs to be transmitted. The hash function must be cryptographically strong, e.g. MD5.

http://home.netscape.com/comprod/server_central/support/faq/certificate_faq.html#11.
References in periodicals archive ?
A credible certification authority which does not have a digital certificate issued by another certification authority stands at the highest level of the previously mentioned hierarchy.
Under the EU Directive, as a minimum, EU member states are required to ensure that certification authorities are liable for the damage caused to any entity which reasonably relies on a qualified certificate issued by them, unless the certification authority can prove that it has not acted negligently.
GTE CyberTrust, the public key infrastructure and certification authority division of GTE Corp has licensed the digital certification validation software and services from ValiCert Inc.
They are (1) operating a securities exchange and (2) acting as a certification authority for digital signatures.

Full browser ?