A certification authority (CA) is a person entrusted with obtaining unique user identification traits. More often than not certification authorities are employees within organizations for which electronic documents or records, such as bank records, are considered highly sensitive or confidential, and could be used for illicit purposes. These carefully selected employees are granted the authority to authenticate specific individual information regarding potential employees or website visitors. Certification authorities’ Internet or work-related computer activities are ultimately audited by way of asymmetric cryptography.
CAs certify individuals and/or businesses that need or want access to secure organizational information, sometimes within websites. In doing so, CAs collect information to screen individuals during the authentication process. The amount of information collected and/or the complexity of the screening process is directly related to how secure the information is.
There are both internal and external certification authorities, which can be individuals or a group. Internally, CAs assist in communication between employees and computer links. Externally, they allow clients to access links within an organization’s or company’s website. Root certificates may enable a user to be permitted to view specified information when more than one CA exists. VeriSign is an example of a company that would employ several CAs.
