Most PKIs consist of many roles. Some roles are optional and based on the level of assurance desired, but it is useful to understand PKI terminology. Following are some terms you should know:
• Certificate Authority (CA)—An entity that issues digital certificates that certify ownership of a public key by the named subject of the certificate.
• Root CA—The first CA in a PKI, this role anchors the CA hierarchy. The entire PKI is only as trustworthy as the Root CA. Any user, computer, or service that trusts the Root CA implicitly trusts any certificate issued by other CAs in the hierarchy.
• Policy CA—Typically located at the second tier of a CA hierarchy, the Policy CA’s job is to issue certificates to other CAs, not to ...