Certification Authority

The trusted agency that signs Certificates with its private key and lets others verify Certificates by the usage of the corresponding public key is called a Certification Authority or CA. This Certification Authority is also known as a Trusted Third Party (TTP), since it is regarded that, in order to be trusted, it should not have common interests with any of the two parties.

Note: Some people believe that a bank should not be a Certification Authority and also be the party that you make economic transactions with. They reason is that, as a CA, it can favor itself, as a party one does bussines with.

In this document we will concetrate in the technical aspects of the Certification Authority, rather than the other aspects.