Talk:Certificate authority

From Wikipedia, the free encyclopedia

WikiProject on Cryptography This article is part of WikiProject Cryptography, an attempt to build a comprehensive and detailed guide to cryptography in the Wikipedia. If you would like to participate, you can choose to edit the article attached to this page, or visit the project page, where you can join the project and see a list of open tasks.
WikiReader Cryptography It is intended that this article be included in WikiReader Cryptography, a WikiReader on the topic of cryptography. Help and comments for improving this article would be especially welcome. A tool for coordinating the editing and review of these articles is the daily article box.
To-do list for Certificate authority: edit  · history  · watch  · refresh
  • List some important CAs

SSL CAs: Verisign, GeoTrust, Thawte, Cybertrust, DigiCert, Comodo, Entrust.net, GlobalSign, SecureTrust/Xramp, GoDaddy

Random sampling of Certification Service Providers (CSP):

  • Austria: A-Trust
  • Belgium: Certipost
  • Brasil: Unicert
  • France: Keynectis, Certinomis
  • Germany: TC-Trustcenter, Telekom, Deutsche Post
  • Holland: DigiNotar
  • Hong Kong: Digisign, Hongkong Post
  • India: Tata
  • Italy: Postecert, Actalis
  • Poland: Certum
  • Spain: Catcert, Izenpe, ACCV, IPSca
  • Switzerland: QuoVadis (also Bermuda), Swisscom, Swisssign
  • Tunisia: ANCE
  • UAE: Etisalat
  • UK: Trustis

-- Cryptoki 01:25, 21 February 2007 (UTC)

Contents

[edit] The first CA

Who was the first commercial CA?

RSA Certificate Services which was spun out as VeriSign Inc. --66.31.35.185 16:56, 14 March 2006 (UTC)

[edit] Trust of a CA

Should there not be some discussion and references to the methods involved in developing a third party trust particular to the Certificate Authority/PKI technology and industry?

http://www.ietf.org/rfc/rfc3647.txt
Internet Engineering Task Force IETF RFC3647
November 2003M

"This document presents a framework to assist the writers of certificate policies or certification practice statements for participants within public key infrastructures, such as certification authorities, policy authorities, and communities of interest that wish to rely on certificates. In particular, the framework provides a comprehensive list of topics that potentially (at the writer's discretion) need to be covered in a certificate policy or a certification practice statement. This document supersedes RFC 2527."


http://webstore.ansi.org/ansidocstore/product.asp?sku=ANSI+X9.79%3A2001
American National Standards Institute ANSI X9.79:2001
2001

"Defines the components of a PKI and sets a framework of practices and policy requirements for a PKI. The standard draws a distinction between PKI systems used in open, closed and network environments. It further defines the operational practices relative to industry accepted information systems control objectives. PKI practices implementing this standard can support multiple policies that incorporate the use of digital signature technology. This standard allows for the implementation of operational, baseline PKI practices that satisfy industry accepted information systems control objectives."


http://ftp.webtrust.org/webtrust_public/tpafile7-8-03fortheweb.doc
AICPA/CICA Web Trust Program for Certificate Authorities Version 1.0
American Institute of Certified Public Accountants/
Canadian Institute of Chartered Accountants
August 25, 2000

"This document provides a framework for licensed WebTrust® practitioners to assess the adequacy and effectiveness of the controls employed by certification authorities (CAs)." (p12!)


http://www.ietf.org/rfc/rfc2527.txt
Internet Engineering Task Force IETF RFC2527
March 1999

"This document presents a framework to assist the writers of certificate policies or certification practice statements for certification authorities and public key infrastructures. In particular, the framework provides a comprehensive list of topics that potentially (at the writer's discretion) need to be covered in a certificate policy definition or a certification practice statement."

[edit] Requested move

While "certificate authority" is common, "certification authority" is the more correct (cf. "registration authority", not "register authority"). "Certification authority" is the term standardized by X.509. --Ant 09:38, 8 January 2007 (UTC)

509 is increasingly irrelevant to real world practice. And in the case of hte English terms here, certificate is a thing (though abstact) which is issued by some entity (the authority). That entity does not do certification in some even more abstract sense. I would retain the usual usage here for that reason, as well as for the reason of usual usuage. Disagree. ww 00:42, 9 January 2007 (UTC)
As there does not appear to be consensus for the renaming, I'm delisting the request from WP:RM. -GTBacchus(talk) 00:37, 15 January 2007 (UTC)

[edit] Safelayer.com

An editor using the IP address 81.44.89.205 has added a link to Safelayer.com in the "Free providers" section. However, when I took a cursory look at the link, I didn't see any mention of free certificates. Can the editor point out exactly what free services are avaialable? --Gerry Ashton 23:38, 20 February 2007 (UTC)