After all, what is a Certification Authority?

Whenever we talk about digital certification, we mention what the Certification Authority (CA) is, but do you know what they are? Although very present in the daily lives of those who issue, verify, or only use certificates and digital signatures, the importance of this entity is still not fully understood. To answer your questions about the topic, Clicksign has prepared a complete content that seeks to clarify the functions, regulations and different types of CA that exist in our digital reality. Read on and learn even more about the world surrounding digital documents!

‍

‍

Certification authorities: what are they?

Certification authorities are the entities that issue digital certificates and also revoke them. They can be public or private, and they must be accredited in what we call AC—Root. There are different types and responsibilities included in this group of institutions. and its operation is regulated according to the laws of the ICP-Brazil (Brazilian Public Key Infrastructure). Recommended additional reading:”Learn what digital certificates are and how they work!“

What are the functions of a Certification Authority?

As we said, these entities are in charge of issuing digital certifications, but that's not their only function! They are also responsible for managing and distributing the records to those who requested them - you. In addition to these points, a CA must disclose which permissions were revoked through the publication of the Revoked Certificates List. The LCR is published with a certain frequency, informing the public which registrations were canceled before their expiration time. That way, It becomes public which digital signatures are no longer valid and are therefore not accepted. The data released includes the name, number of the certificate, and the date it was revoked.

Why are Certification Authorities so important?

There is a trust factor on the part of applicants towards ACs. They provide documentation, data and leave the security of their digital files in charge of the security of their digital files. The certificate they issue prevents documents - often involved in very important transactions - from being corrupted and thus guarantees secure processes even over a long distance. In addition, these entities provide an innovative service that has an influence on the most diverse areas such as technology, health, education, real estate, among others. Digital certificates are items that make the difference for both individuals and legal entities, including mandatory security for some projects. We talk more about this last point in the post”Digital certificate for companies: do they all need to have one?”.

What types of certification authorities are there?

There is more than one AC category, each of which has a different function. Still, they are interconnected and are part of the process of issuing a digital certificate. Find out exactly what these categories are and what their characteristics are:

• Certification Authority—Root: responsible for the regulation of the CA subordinate to them. It is also where new ACs are accredited to be able to perform the function;
• Certifying Authority: public or private institutions that, in fact, issue, renew, or cancel digital certificates;
• Weather Certification Authority: It is the one that is responsible for issuing and validating the Time Stamp that some certifications require. They attest that a certain digital document exists or existed for a time.

This division exists to help organize the complex process of generating a digital certificate and was regulated by MP 2,200/01 in art. 6. It defines that:

Art. 6 AC Raiz, the first authority in the certification chain, executor of the Certificate Policies and technical and operational standards approved by the ICP-Brazil Steering Committee, is responsible for issuing, maintaining, and canceling CA certificates immediately following its own, managing the list of certificates issued, canceled, and expired, and carrying out inspection and auditing activities of CA and AR and service providers authorized by the ICP, in accordance with the guidelines established by the ICP-Brazil Steering Committee.Single paragraph. AC Raiz is prohibited from issuing certificates to the end user.

Now that you understand how Certification Authorities work, their functions and importance, stay up to date with the issuance for which they are responsible!

How does the process of issuing Digital Certificates work?

To explain in a simple way, each Certification Authority takes pairs of cryptographic keys and links them to their respective holders (who requested the certificate). In this way, the process is even more secure, because Does cryptography work like a brand connected to a single person. When applied to a document, it shows the authenticity of that signature. So much so that every document signed by a The digital signature may have its veracity confirmed.Those who think that ACs are simple internal processors for issuing digital certificates are mistaken. But if you've read the Clicksign blog, you certainly understand a lot about electronic identity, legal faith, virtual files, and process optimization. In the case of Certification Authorities, this identification, security, and legality only works perfectly by making use of a chain of institutions and processes, in addition to the CA's, that are involved in this operation, these being:

• ICP-Brazil: it is the body that regulates digital signatures and certifications, making their issuances feasible and verifying each one of them;
• National Institute of Information Technology (ITI): he is the one who audits the processes, oversees and accredits or removes someone from that jail;
• Registration Authority (AR): is linked to the AC's and has the function of verifying applicants' documents.

AC-Raiz is comprised of the ITI and the ICP-Brazil Steering Committee, which is why both play such important roles in this process. Both individuals and legal entities can take advantage of the result of this operation and sign documents from wherever they are. We hope that this post has answered your doubts about what a Certification Authority is and the topics that are involved in this matter. The Clicksign blog has the better information to help entrepreneurs find the best solutions for your company's questions. Browse the posts and start improving your business through automations!