Learn something new every day
More Info... by email
A Certificate Authority (CA) is a trusted third party that issues digital certificates, mainly to online businesses. The Certificate Authority vouches for the identification of the business as an assurance to anyone exchanging personal information such as name, address, credit card, bank records or medical records. All such information is traded in encrypted form between the two parties, with the digital certificate acting as a positive ID of trust to the public.
Since it is easy for any thief with a modicum of skills to create a website and impersonate a legitimate business for the purpose of stealing personal information from visitors, digital certificates have become a necessity. The Certificate Authority requires information from the applying business such as name, address, phone, physical data such as faxed records, and the business's public encryption key, used to encrypt all sensitive data it collects from its customers. Other records and personal interviews might also be required.
Once a web business has met the requirements, the Certificate Authority issues a digital certificate that binds the ID and public encryption key to the website's secure server. When a customer connects to the secure server, the digital certificate issued by the Certificate Authority will be passed to the customer's browser. The browser checks it to make sure it's in order before accepting the encrypted session.
The trust placed in digital certificates is only as good as the Certificate Authority that issues them. For this reason, if the CA is not recognized, the browser will pop up a warning stating so. Newer Certificate Authorities that are not yet recognized might have their own digital certificate signed by a better-known CA. You might wonder why someone would get a digital certificate from an unknown Certificate Authority. The answer for smaller businesses is probably affordability.
Though digital certificates are most often issued to businesses or organizations, individuals can also obtain a digital certificate from a Certificate Authority. Certain companies require this of employees who want to take advantage of conveniences such as online union services. The digital certificate verifies the identity of the employee requesting personal services. Fees for digital certificates vary between Certificate Authorities, but in general digital certificates issued to individuals are less expensive than those issued to businesses. Commonly, fees cover a one to three-year period, then must be renewed to keep the certificate current.
Please correct my understanding.
->An organization has to get digital certificate using the name, address, encryption key, from a third party.
->when a customer connects to the secure server, this certificate is sent to the browser which verifies it.
One of our editors will review your suggestion and make changes if warranted. Note that depending on the number of suggestions we receive, this can take anywhere from a few hours to a few days. Thank you for helping to improve wiseGEEK!