(CA or "Trusted Third Party") An entity (typically a company) thAT issues digital certificATes to other entities (organisATions or individuals) to allow them to prove their identity to others. A CertificATe Authority might be an external company such as VeriSign thAT offers digital certificATe services or they might be an internal organisATion such as a corporATe MIS department. The CertificATe Authority' s chief function is to verify the identity of entities and issue digital certificATes ATtesting to thAT identity. The process uses public key cryptography to creATe a "network of trust". If I want to prove my identity to you, I ask a CA (who you trust to have verified my identity) to encrypt a hash of my signed key with their privATe key. Then you can use the CA' s public key to decrypt the hash and compare it with a hash you calculATe yourself. Hashes are used to decrease the amount of dATa thAT needs to be transmitted. The hash function must be {cryptographically strong}, e.g. {MD5}. . (1998-03-30)