Certification Authorities

A local PKI client generates its own public/private key pairs. It is free to send the public key to other entities, but those entities have no reason to trust it because nothing validates the source of the key.

Turning self-generated public keys into something trustworthy requires the intervention of a Certification Authority, or CA. A CA acts like a notary public. It affixes its own signature to a client's public key, thereby proclaiming the key to be valid, at least to anyone who trusts the CA.
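The following added example (not from the book) uses the OpenSSL command line to show the notary relationship described above: the same client key is trusted when a CA has signed it and the verifier trusts that CA, and rejected otherwise. The names Example Root CA, Other CA and client.example.test are constructed for illustration, and the example assumes the openssl binary is installed.

```shell
#!/usr/bin/env bash
# Added example. All names (Example Root CA, Other CA, client.example.test)
# are constructed; keys are throwaway and live in a temp directory.

new_ca() {  # new_ca DIR NAME CN: CA key pair plus self-signed root certificate
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$3" \
        -keyout "$1/$2.key" -out "$1/$2.crt" 2>/dev/null
}

make_demo_pki() {  # make_demo_pki DIR
    dir=$1
    new_ca "$dir" ca "Example Root CA" || return 1
    new_ca "$dir" other-ca "Other CA" || return 1
    # The client generates its own key pair and a signing request (CSR).
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=client.example.test" \
        -keyout "$dir/client.key" -out "$dir/client.csr" 2>/dev/null || return 1
    # The CA "notarizes" the client's public key by signing it.
    openssl x509 -req -in "$dir/client.csr" -days 1 \
        -CA "$dir/ca.crt" -CAkey "$dir/ca.key" -CAcreateserial \
        -out "$dir/client.crt" 2>/dev/null || return 1
    # Same client key, but vouched for only by the client itself.
    openssl req -x509 -new -key "$dir/client.key" -days 1 \
        -subj "/CN=client.example.test" -out "$dir/selfsigned.crt" 2>/dev/null
}

is_trusted() {  # is_trusted TRUST_ANCHOR CERT: exit 0 only if CERT chains to the anchor
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

report() {  # report LABEL TRUST_ANCHOR CERT
    if is_trusted "$2" "$3"; then echo "$1: trusted"; else echo "$1: NOT trusted"; fi
}

demo=$(mktemp -d)
if make_demo_pki "$demo"; then
    report "CA-signed cert, verifier trusts Example Root CA" "$demo/ca.crt" "$demo/client.crt"
    report "self-signed cert, verifier trusts Example Root CA" "$demo/ca.crt" "$demo/selfsigned.crt"
    report "CA-signed cert, verifier trusts only Other CA" "$demo/other-ca.crt" "$demo/client.crt"
fi
rm -rf "$demo"
```

The third case shows the "at least to anyone who trusts the CA" qualifier: a valid CA signature means nothing to a verifier whose trust store does not contain that CA.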

A CA is the ultimate entrepreneur. Anyone with administrative rights on a server running Windows Server 2003, or on a UNIX/Linux server, can install the certificate services and go into the certificate issuance ...
