Certification Authority
A Certificate Authority or CA accepts requests for certification, verifies the identity claim, and then issues the certificate. The mechanism used for identity verification depends on the type of certificate issued and the relationship between the requestor and the issuer. For example, an employer issuing personal certificates to its employees could use its human resources database for identity verification. A general purpose CA like Verisign would verify the claim of a company requesting a server certificate or code signing certificate as per its verification policies.
The CA also maintains a repository of unexpired certificates and CRLs. A CRL (Certificate Revocation List) is a list of unexpired but reported as compromised ...
Get J2EE™ Security for Servlets, EJBs and Web Services: Applying Theory and Standards to Practice now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
