Certificates offer a way of providing assurance about a public key. In general, they consist of the following components:
The public key
Some associated information such as an identity or access authorization
A date of issuance and expiration
An authenticating digital signature by a “certification authority” over this information
Anyone knowing and trusting the public key of this “authority” and having the certificate can have confidence that the public key inside the certificate is associated with the identity or should have the access indicated. See Figure 2-6.
This verification can be continued through ...