(CA or "Trusted Third Party") An eNTity (typically a company) that issues digital certificates to other eNTities (organisations or individuals) to allow them to prove their ideNTity to others. A Certificate Authority might be an external company such as VeriSign that offers digital certificate services or they might be an iNTernal organisation such as a corporate MIS departmeNT. The Certificate Authority' s chief function is to verify the ideNTity of eNTities and issue digital certificates attesting to that ideNTity. The process uses public key cryptography to create a "network of trust". If I waNT to prove my ideNTity to you, I ask a CA (who you trust to have verified my ideNTity) to encrypt a hash of my signed key with their private key. Then you can use the CA' s public key to decrypt the hash and compare it with a hash you calculate yourself. Hashes are used to decrease the amouNT of data that needs to be transmitted. The hash function must be {cryptographically strong}, e.g. {MD5}. . (1998-03-30)