A CertificationAuthority signs PublicKeys as trustworthy based on a policy, thereby forming the cornerstone of hierarchic PublicKeyInfrastructures such as in the X509 model. Thawte and VeriSign are well known examples.

This is in sharp contrast to the WebOfTrust PublicKeyInfrastructure model, where trust is granted between ad-hoc PeerToPeer relationships.

The following seems misplaced, but no obviously better home for it seems to exist in the wiki yet.

Importing root CertificationAuthority certificates in WebBrowsers

; Internet Explorer :

  • Get the CA's public certificate.
  • Open the file by double clicking.
  • Click [Install Certificate?
  • Click [Next?
  • Select "Place all certificates in the following store". Click [Browse?, select "Trusted Root Certification Authorities", click [OK?. Click [Next?.
  • Click [Finish?
  • Click [OK?
  • Click [OK?