Certificate Authorities

A Certificate Authority (CA) is a trusted third party that issues digital certificates to provide you with an assurance that the public key of an entity truly belongs to that entity.

The roles of a CA are:

On receiving a request for a digital certificate, to verify the identity of the requestor before building, signing and returning the personal certificate
To provide the CA's own public key in its CA certificate
To publish lists of certificates that are no longer trusted in a Certificate Revocation List (CRL). For more information, see Working with revoked certificates
To provide access to certificate revocation status by operating an OCSP responder server