Within the original public key infrastructure (PKI) concept, there was quite a heavy emphasis upon trust. Between registration authorities and certificate authorities (CAs), actions were performed which tested the trust that was to be associated with a newly created and issued certificate. CAs really would make background checks upon a company wishing to buy one or more digital certificates. They would check that a company or organisation was properly listed, who its executive officers were, whether it had ever been involved in any untoward activities and so on. Lastly, it would contact the company at the address given in order to satisfy itself that ...