The public key cryptosystem provides an effective method for keeping information confidential. A digital certificate provides a way to verify the integrity of your communication. When you go to Amazon’s site, how do you know it’s really Amazon? You know because of the digital certificate. A digital certificate, also known as an identity certificate, or public key certificate, provides a digital signature that binds a public to key to a person or organization. The digital certificate is used to verify that a public key belongs to an individual.
A certificate authority is a trusted entity that issues digital certificates. The digital certificate certifies ownership of the public key by the named subject of the certificate.
Who is the certificate authority? Is it a government agency? Can anyone become a certificate authority?
The certificate authority is a trusted third-party. Some are better (more trusted) than others. It can range in price from hundreds to thousands per year to have your public key verified by certificate authority. Verisign is one of the oldest and most trusted certificate authorities. They are also one of the most expensive.
The idea is that if you have an online business wherein you would handle people’s sensitive information, you want to be viewed as trustworthy and respectable. The stamp of a credible certificate authority provides this trust and respect for your customers. The certificate authority has lots of responsibility on their end of the bargain. They want to protect their track record of successfully verifying identity. If they make a mistake, then all credibility could be lost, and the public may no longer choose to use them as a trusted authority.
Knowing the Certificate Authorities to Trust
Chances are, the operating system of your computer has pre-installed a list of certificate authorities and their digital certificates. Naturally, Verisign is one of the authorities that is probably included in the pre-installed list. Thus, the operating system (Windows, for example), has placed lots of trust in an authority that is on this pre-installed list. In essence, all the respect you have for Verisign comes from their proven ability to verify the integrity of public keys.