Definition of Registration Authority (RA) in Network Encyclopedia.
What is Registration Authority (RA)?
Registration Authority is a company or organization that is responsible for receiving and validating requests for digital certificates and public/private key pairs. A registration authority (RA) is part of the public key infrastructure (PKI).
How It Works
The Registration Authority receives a certificate request and verifies the identity of the requestor using acceptable forms of identification, which can be communicated face to face, over the telephone, by mail or courier, or in another secure fashion that is acceptable to the RA. Identification can include a driver’s license, Social Security number, or another unique identifier for the requestor.
If the RA approves the request, it contacts the certificate authority (CA) in the PKI and asks it to issue the requestor the desired digital certificate and key pair. The RA and CA are often different entities within the same company or organization.
Registration Authorities adds additional level of control and management to create a controlled and secure environment.
Certificate Authority (CA)
A certificate authority or certification authority (CA) is an entity that issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others (relying parties) to rely upon signatures or on assertions made about the private key that corresponds to the certified public key. A CA acts as a trusted third-party – trusted both by the subject (owner) of the certificate and by the party relying upon the certificate. The format of these certificates is specified by the X.509 standard.
A CA issues digital certificates that contain a public key and the identity of the owner. The matching private key is not made available publicly but kept secret by the end-user who generated the key pair. The certificate is also a confirmation or validation by the CA that the public key contained in the certificate belongs to the person, organization, server or other entity noted in the certificate.