The OpenCA Book: A guide to OpenCA, the Open Certification Authority | ||
---|---|---|
Prev | Chapter 2. Description of a Certification Authority | Next |
There are different grades of security that the Certificates can have, depending on how much assurance the Certification Authority has that the owner of the Certificate is that one claimed to be. In the case of evaluation certificates, as they are available by companies like Verisign™, the only proof of identity needed is the validity of the e-mail given. The company sends an e-mail to the address given and once the user replies, she can get the certificate. This is acceptable for user certificates that are to be used for typical Internet services. For companies to conduct their business over the Internet, higher level certificates are used.