ca.htm

The Open–source PKI Book Version 2.4.6 Edition Copyright &copy 1999, 2000 by Symeon (Simos) Xenite

<HTML
><HEAD
><TITLE
>Certification Authority</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.55"><LINK
REL="HOME"
TITLE="The Open&#8211;source PKI Book"
HREF="ospki-book.htm"><LINK
REL="UP"
TITLE="Introduction to Cryptography"
HREF="introduction-to-cryptography.htm"><LINK
REL="PREVIOUS"
TITLE="Certificates"
HREF="certificates.htm"><LINK
REL="NEXT"
TITLE="Basic functionality of a Public Key Infrastructure[TODO]"
HREF="description-pki.htm"></HEAD
><BODY
CLASS="SECT1"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>The Open&#8211;source PKI Book: A guide to PKIs and Open&#8211;source Implementations</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="certificates.htm"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
>Chapter 2. Introduction to Cryptography</TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="description-pki.htm"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="CA"
>Certification Authority</A
></H1
><P
>	The trusted agency that signs Certificates with its private key
	and lets others verify Certificates by the usage of the corresponding
	public key is called a Certification Authority, or <SPAN
CLASS="ACRONYM"
>CA</SPAN
>.
	This Certification Authority is also known as a Trusted Third Party (<SPAN
CLASS="ACRONYM"
>TTP</SPAN
>), 
	since it is regarded that, in order to be trusted, it should not have
	common interests with any of the two parties. 
  </P
><DIV
CLASS="NOTE"
><P
></P
><TABLE
CLASS="NOTE"
WIDTH="100%"
BORDER="0"
><TR
><TD
WIDTH="25"
ALIGN="CENTER"
VALIGN="TOP"
><IMG
SRC="stylesheet-images/note.gif"
HSPACE="5"
ALT="Note"></TD
><TD
ALIGN="LEFT"
VALIGN="TOP"
><P
>	It is believed that a bank should not be a Certification Authority and also be
	the party that you make economic transactions with. They reason
	is that, as a CA, it can favor itself, as a party one does
	business with. 
  </P
></TD
></TR
></TABLE
></DIV
><P
>  	In this document we concentrate on the technical aspects of the
	Certification Authority.
  </P
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="certificates.htm"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="ospki-book.htm"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="description-pki.htm"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Certificates</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="introduction-to-cryptography.htm"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Basic functionality of a Public Key Infrastructure[TODO]</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>