What is a Certification Authority (CA)?
Not just anybody can issue trusted SSL Certificates. If they could then there would be no trust in SSL – and it could no longer be used commercially. Instead only Certification Authorities, or CAs as they are commonly known, can issue trusted SSL Certificates. CAs have generally invested in establishing the technology, support, legal and commercial infrastructures associated with providing SSL certificates. Even though CAs are essentially self-regulated, the nearest to a regulatory body is the WebTrust compliancy program operated by AICPA/CICA. The majority of CAs comply to the WebTrust principles, however some CAs do not have WebTrust compliance. Those CAs who are WebTrust compliant display the WebTrust Seal, as seen below. Ernst and Young Webtrust The WebTrust Seal of assurance for Certification Authorities symbolizes to potential relying parties [e.g. to the end customer] that a qualified practitioner has evaluated the CA’s business practices and controls to determine whether they a
Not just anybody can issue trusted SSL Certificates. If they could then there would be no trust in SSL – and it could no longer be used commercially. Instead only Certification Authorities, or CA’s as they are commonly known, can issue trusted SSL Certificates. CA’s have generally invested in establishing the technology, support, legal and commercial infrastructures associated with providing SSL certificates. Even though CA’s are essentially self-regulated, the nearest to a regulatory body is the WebTrust compliancy program operated by AICPA/CICA. The majority of CA’s comply to the WebTrust principles, however some CA’s do not have WebTrust compliance. Those CA’s who are WebTrust compliant display the WebTrust Seal, as seen below. The WebTrust Seal of assurance for Certification Authorities symbolizes to potential relying parties [e.g. to the end customer] that a qualified practitioner has evaluated the CA’s business practices and controls to determine whether they are in conformity wi
A trusted third-party organization or company that issues digital certificates used to create digital signatures and public-private key pairs. The role of the CA in this process is to guarantee that the individual granted the unique certificate is, in fact, who he or she claims to be. CAs are a critical component in data security and electronic commerce because they guarantee that the two parties exchanging information are really who they claim to be.
When VeriSign issues an SSL Certificate, we act as a Certificate Authority (CA). VeriSign digitally signs each certificate we issue. Each browser contains a list of CAs to be trusted. When the SSL handshake occurs, the browser verifies that the server certificate was issued by a trusted CA. If the CA is not trusted, a warning will appear. When high-security browsers recognize an Extended Validation SSL Certificate, they display the name of the CA next to the browser bar. VeriSign is one of the most trusted CAs on the Internet. (See VeriSign Secured Seal Research Review.) The VeriSign Trial Root CA is for testing purposes only and is not included in any browsers trust list.
