certificate authority

A certificate authority (CA) is an authority in a network that issues and manages security credentials and public keys for message encryption. As part of a public key infrastructure (PKI), a CA checks with a registration authority (RA) to verify information provided by the requestor of a digital certificate. If the RA verifies the requestor's information, the CA can then issue a certificate.

Depending on the public key infrastructure implementation, the certificate includes the owner's public key, the expiration date of the certificate, the owner's name, and other information about the public key owner.

Learn more about PKI and Digital Certificates

	Identity and Access Management Services, Systems and Technologies: This Security School explores critical topics related to helping security practitioners establish and maintain an effective identity and access management plan.
Can any firm or organization get a digital signature certificate?: Can any firm or organization obtain a digital signature? How is a digital signature obtained?
Securing VoIP Networks: Threats, Vulnerabilities and Countermeasures: In an excerpt from Securing VoIP Networks: Threats, Vulnerabilities and Countermeasures, authors Peter Thermos and Ari Takanen discuss the strengths and weaknesses of SRTP.
Secure user authentication: Regulations, implementation and methods: Learn about the FFIEC's mandate, how to choose the right authentication option for diverse user communities and how to implement an authentication strategy.
XML Security Learning Guide: Securing XML is an essential element in keeping Web services secure. This SearchSecurity.com Learning Guide is a compilation of resources that review different types of XML security standards and ...
Spy vs. Spy: Excerpt from Chapter 6 of Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day.
Best practices in Internet security: The Access Certificates for Electronic Services Program: The Access Certificates for Electronic Services Program (ACES) brings multiple PKI service providers together into an interoperable public key infrastructure (PKI) for use by government entitites and ...

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

More resources from around the web: - The U.S. Government Accounting Office has a presentation, "Advances and Remaining Challenges to Adoption of Public Key Infrastructure Technology." - VeriSign is the leading certificate authority, providing over 125,000 Web sites with SSL (Secure Sockets Layer) server certificates, mainly for use in e-commerce.

FILE EXTENSION AND FILE FORMAT LIST File Extension and File Format List: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

RELATED CONTENT How to encrypt passwords using network security certificates Learn the most secure way to transfer passwords to applications using network security, identity management, and application security certificates. Best Authentication Products Readers vote on the best digital identity verification products, services, and management systems, including PKI, hardware and software tokens, smart... DoD urges less network anonymity, more PKI use At Black Hat USA 2009, DoD CISO Robert Lentz says more technology is needed to protect both private and government networks from cybercriminals.

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary authentication server  (SearchSecurity.com) An authentication server is an application that facilitates authentication of an entity that attempts to access a network...(Continued) Certificate Revocation List  (SearchSecurity.com)