CA/Terminology
|
THIS PAGE IS A WORKING DRAFT | 
|
| The page may be difficult to navigate, and some information on its subject might be incomplete and/or evolving rapidly. If you have any questions or ideas, please add them as a new topic on the discussion page. |
Certificate: An electronic document that uses a digital signature to bind a public key and an identity. Certificates are used in three primary functions within Mozilla software: to connect to an SSL-enabled web server or other SSL-enabled servers, to read digitally signed email from another user, to download and execute digitally signed code.
Certificate Policy: A set of rules that indicates the applicability of a named Certificate to a particular community and/or PKI implementation with common security requirements.
Certification Authority: An organization that is responsible for the creation, issuance, revocation, and management of Certificates. The term applies equally to both Roots CAs and Subordinate CAs.
Certification Practice Statement: One of several documents forming the governance framework in which Certificates are created, issued, managed, and used.
End-Entity Certificate: A Certificate that does not sign other Certificates.
Intermediate Certificate: A Certificate that is signed by either a Root Certificate or another Intermediate Certificate, and that signs either end-entity Certificates or other Intermediate Certificates.
Root CA: The top level Certification Authority whose Root Certificate is included in NSS.
Root Certificate: The self-signed Certificate issued by the Root CA to identify itself and to facilitate verification of Certificates issued to its Subordinate CAs.
Subordinate CA: A Certification Authority whose Certificate is signed by the Root CA, or another Subordinate CA.
Trust Anchor: A Certificate that is included in NSS, this is usually a Root Certificate, but under certain circumstances may be an Intermediate Certificate.