Certificate Authorities

As it turns out, there is no easy solution to the problem of identification. In order to assure that a particular public key belongs to a particular person (or domain name, for example, httphandbook.org), a certificate authority (CA) is used. A certificate authority is a trusted third party that assures the identity of a public key’s owner with a digital certificate. A digital certificate is a document that declares that a particular public key is owned by a particular Web site (see Figure 18.3). The CA’s role is very similar to a notary whose responsibility is to ensure the correct identity of people signing a legal document.

Figure 18.3. A digital certificate assures the identity of a public key’s owner.

The digital ...

Get HTTP Developer’s Handbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.