Unformatted text preview: other parties. Commercial CAs charge to issue certificates that will automatically be trusted by most web browsers. Aside from commercial CAs, some providers issue digital certificates to the public at no cost. Large institutions or government entities may have their own CAs.A CA issues digital certificates that contain a public key and the identity of the owner. When an end-user tries to access an unknown URL the web browser will contact the CA to confirm the public key of the URL. The matching private key is not similarly made available publicly, but kept secret by the end user who generated the key pair. The certificate is a confirmation by the CA that the public key contained in the certificate belongs to the purchaser of the certificate and that they are who they say they are. If the user trusts the CA and can verify the CA's signature, then he can also verify that a certain public key does indeed belong to whoever is identified in the certificate....
View Full Document
- Spring '10
- Cryptography, Public-key cryptography, Pretty Good Privacy, Certificate authority, Symmetric-key algorithm