Certificate Authority
<cryptography, body> (CA or "Trusted Third Party") An entity (typically a
company) that issues digital certificates to other entities (organisations or
individuals) to allow them to prove their identity to others. A Certificate
Authority might be an external company such as VeriSign that offers digital
certificate services or they might be an internal organisation such as a
corporate MIS department. The Certificate Authority's chief function is to
verify the identity of entities and issue digital certificates attesting to that
identity.
The process uses public key cryptography to create a "network of trust". If I
want to prove my identity to you, I ask a CA (who you trust to have verified my
identity) to encrypt a hash of my signed key with their private key. Then you
can use the CA's public key to decrypt the hash and compare it with a hash you
calculate yourself. Hashes are used to decrease the amount of data that needs to
be transmitted. The hash function must be cryptographically strong, e.g. MD5.
http://home.netscape.com/comprod/server_central/support/faq/certificate_faq.html#11.
(1998-03-30)
Nearby terms:
CERN « CERNLIB « CERT « Certificate Authority
» CESP » CESSL » cextract
|