CAs and PKIs

This section describes CAs and PKIs.

Two of the many well-known CAs on the Internet are VeriSign ( and Thawte ( You may find it useful to look at their Web sites from time to time while reading this chapter.

At this point we need to introduce the term "entity". A user of a network or intranet or the Internet might not be an individual person - it could be an organization, or even a machine. So we'll use the more general term "entity" from now on.