A principal may verify the authenticity of a Public Key that purportedly belongs to another principal by checking that it is signed by a trusted third principal (a Certificate Authority).

A Public Key signed in this way is called a Certificate.

Return to IT Security Concepts