(CA or "Trusted Third Party") An entITy (typically a company) that issues digITal certificates to other entITies (organisations or individuals) to allow them to prove their identITy to others. A Certificate AuthorITy might be an external company such as VeriSign that offers digITal certificate services or they might be an internal organisation such as a corporate MIS department. The Certificate AuthorITy' s chief function is to verify the identITy of entITies and issue digITal certificates attesting to that identITy. The process uses public key cryptography to create a "network of trust". If I want to prove my identITy to you, I ask a CA (who you trust to have verified my identITy) to encrypt a hash of my signed key wITh their private key. Then you can use the CA' s public key to decrypt the hash and compare IT wITh a hash you calculate yourself. Hashes are used to decrease the amount of data that needs to be transmITted. The hash function must be {cryptographically strong}, e.g. {MD5}. . (1998-03-30)