What is a certificate authority?
A certificate authority (CA) is a third-party organization that verifies the information or identity of computers on a network, and issues digital certificates of authenticity. Certificate authorities usually have some kind of agreement with a financial institution that provides the information used to confirm an individual's identity. Digital certificates are used in a network security system to guarantee that the two parties exchanging information are really who they claim to be.
Depending on how a network's security system is configured, the certificate can include its owner's public key and name, the expiration date of the certificate, or other information. There are many certificate authorities on the Internet, though VeriSign is the best-known example.
At Indiana University, the IU Certificate Authority offers SSL certificates to the IU community. For more, see At IU, how do I obtain an SSL certificate for my web server?
For a general discussion of web security, see the World Wide Web Consortium's World Wide Web Security FAQ.
Last modified on May 10, 2011.