Certification Authority

What is a Certification Authority?

A certification authority is a trusted third party organization that issues digital certificates to requesting organizations after a process of verifying (or certifying as the name implies) their credentialing information. As a part of this process, an issued digital certificate contains some of that information for identification purposes: such as the certificate holder's name, organization, address, etc. By issuing the digital certificate, the certification authority attests to the organization's identification contained therein, confirming that it is a legitimate entity.

Certification Authorities and PKI

Certification authorities do not issue certificates based upon certification practices alone. There are several contributing members in the process, and a number of events that must take place before a certificate can be issued. The certification authority is only part of a greater network, known as the public key infrastructure (PKI), which provides for the issuance and management of security certificates, credential verification, and public key encryption assignments. As a part of the PKI arrangement, the certification authority supplies applicant information to a registration authority, who will determine the validity of that information. If the applicant's information is verified, then the process moves forward; and a public key is assigned for encryption purposes. This public key is bound to the identity of the certificate holder upon issuance by the certification authority. As a final measure, the SSL certificate is encoded with the digital signature of the issuing certification authority, thereby authenticating both its contents and the process by which it was issued.

Entrust Upholds the Highest Certification Authority Standards

In order for its issued certificates to be accepted by a web browser supplier, such as Microsoft or Netscape, a certification authority generally must be trusted. This means that the certification authority must comply with an international set of telecommunications standards that were established specifically for the e-commerce industry and the issuing of qualified certificates. Entrust is not only a trusted certification authority by this criteria, but it the first certification authority in the world to earn the WebTrust Seal of Assurance from the institutions that manage these standards: the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accountants (CICA).

The WebTrust Seal of Assurance symbolizes the integrity and professionalism of Entrust as a certification authority. It signifies Entrust's enduring commitment to upholding these international standards in all of its organizational practices and controls. The Seal also reflects the confidence and assurance you will find in all Entrust certificate products and services. That is why Entrust certificates are accepted by over 99% of existing web browsers: Entrust is a WebTrust trusted certification authority.