Word of the Day: certificate authority (CA)

Word of the Day Daily updates on the latest technology terms |March 29, 2017

certificate authority (CA) A certificate authority (CA) is a trusted entity that issues electronic documents that verify a digital entity's identity on the Internet. The electronic documents, which are called digital certificates, are an essential part of secure communication and play an important part in the public key infrastructure (PKI). Certificates typically include the owner's public key, the expiration date of the certificate, the owner's name and other information about the public key owner. Operating systems (OSes) and browsers maintain lists of trusted CA root certificates to verify certificates that a CA has issued and signed. Although any entity that wants to issue digital certificates for secure communications can potentially become their own certificate authority, most e-commerce websites use certificates issued by commercial CAs. Typically, the longer the CA has been operational, the more browsers and devices will trust the certificates a CA issues. Ideally, certificates are backward compatible with older browsers and operating systems, a concept known as ubiquity. Protocols that rely on certificate chain verification -- such as VPN and SSL/TLS -- are vulnerable to a number of dangerous attacks, including SSL man-in-the-middle attacks. Recently, trust in CAs has been shaken due to abuse of fraudulent certificates. Hackers have broken into various CA networks -- DigiNotar and Comodo, for example -- and signed bogus digital certificates in the names of trusted sites such as Twitter and Microsoft. In response, DigiCert became the first certificate authority to implement certificate transparency, an initiative intended to make it possible for a certificate to be issued for a domain without the domain owner's knowledge. Please note: CA also stands for conditional access, a term used in DTV. Quote of the Day "Organizations that choose to operate their own certificate authority need to put in place physical as well as logical security controls to ensure the security and integrity of their root signing keys and certificates." - Michael Cobb   Trending Terms digital certificate PKI virtual private network man-in-the-middle attack registration authority   Learning Center Google considers options on Symantec certificate authority 'failures' Symantec certificate authority offers excuses in an attempt to fend off consequences for CA improprieties set to be imposed by Google's Chromium team. Google creates its own root certificate authority Google launched its own root certificate authority but it is unclear if it will issue certificates only for Alphabet companies or third parties as well. Trusted? Certificate authority risks and how to manage them Can that CA be trusted? Certificate authority risks are many, but since there's no avoiding SSL and TLS, at least for now. Here's how to increase CA security. IT pros don't get cybersecurity risks around certificate authorities Venafi believes a Black Hat survey that shows low understanding of certificate authorities could mean cybersecurity risks in the future. Will Certificate Transparency solve certificate authority trust issues? Issues involving certificate authority trust and certificate abuse are nothing new. Learn how Google's Certificate Transparency proposal aims to detect and address these problems. Writing for Business Ideally, digital certificates are ________ compatible with older browsers and operating systems, a concept known as ubiquity. A. backwards B. backward Answer       Stay In Touch For feedback about any of our definitions or to suggest a new definition, please contact me at: mrouse@techtarget.com   Visit the Word of the Day Archives and catch up on what you've missed!   FOLLOW US About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Whatis.com, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget, Whatis, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2016 TechTarget. All rights reserved.