Policy Certification Authority

from Wikipedia, the free encyclopedia

The Policy Certification Authority (PCA) is the top certification authority of a public key infrastructure .

It has the guideline authority in which all technical and organizational security aspects for the creation and management of digital certificates are specified. The PCA takes on all functions relevant to encryption, authenticates the public keys issued by the certification authority (CA) and publishes the certificates and revocation lists.

The task of the PCA is to define security guidelines (“Policy”) with regard to certification. The CAs, which in turn issue the participant certificates, are certified in accordance with these guidelines. Optionally, a registration authority (RA) can be interposed, which controls subscriber identities but is not allowed to issue certificates.