Appendix . Cryptography and Certificates

Keys and Certificates

Asymmetric encryption uses a public/private key pair. Data encrypted with the private key can be decrypted only with the corresponding public key and vice versa.

Public keys (as their name suggests) are made generally available. Conversely, a private key remains private to a specific individual. A certificate is the distribution mechanism by which public keys are transported to users. Certificates are normally signed by a certification authority (CA) to confirm that the public key is from the subject who claims to have sent it. The CA is a mutually trusted entity.
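The following shell sketch is an added example, not code from the book: it uses the `openssl` command line to have a CA sign a subject's public key and then shows that the certificate verifies only under the issuing CA's public key, not under a look-alike CA with the same name. The function names, the `Demo Root CA` and `www.example.test` names, and all file paths are assumptions made up for the demonstration.

```shell
#!/bin/sh
# Added illustration; every name and file below is constructed for the demo.

make_ca() {      # $1 = file prefix, $2 = CA common name (self-signed root)
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
        -keyout "$1.key" -out "$1.crt" 2>/dev/null
}

issue_cert() {   # $1 = CA prefix, $2 = subject prefix, $3 = subject common name
    # The subject creates its own key pair; only the public half enters the request.
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$3" \
        -keyout "$2.key" -out "$2.csr" 2>/dev/null &&
    # The CA signs the subject name and public key with the CA's private key.
    openssl x509 -req -in "$2.csr" -CA "$1.crt" -CAkey "$1.key" \
        -CAcreateserial -days 1 -out "$2.crt" 2>/dev/null
}

trusts() {       # $1 = trusted CA certificate, $2 = certificate to check
    # Succeeds only if the signature on $2 verifies under the CA's public key.
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

same_public_key() {   # $1 = certificate, $2 = private key file
    [ "$(openssl x509 -in "$1" -noout -pubkey)" = \
      "$(openssl pkey -in "$2" -pubout 2>/dev/null)" ]
}

work=$(mktemp -d)
make_ca "$work/ca" "Demo Root CA"
make_ca "$work/lookalike" "Demo Root CA"     # same name, different key pair
issue_cert "$work/ca" "$work/site" "www.example.test"

trusts "$work/ca.crt" "$work/site.crt" && echo "issuing CA: certificate accepted"
trusts "$work/lookalike.crt" "$work/site.crt" || echo "look-alike CA: certificate rejected"
same_public_key "$work/site.crt" "$work/site.key" && echo "certificate carries the subject's public key"
rm -rf "$work"
```

The rejection in the second check comes from the signature, not the CA's name: both CA certificates carry the same subject name, but only one holds the private key that signed the certificate.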

The typical implementation of digital certification involves a process for signing the certificate. The ...
