156 Eleventh Hour Security: Exam SY0-201 Study Guide

Digital certificates

In PKI, a digital certificate is a tool used for binding a public key with a particular owner. A digital certificate in PKI serves the same function as a driver's license. Various systems and checkpoints may require verification of the owner's identity and status and will reference the TTP for validation. It is the certificate that enables this quick handoff of key information between the parties involved.

Certification authority

Certificates are created by a TTP called a Certification Authority (CA), which may also be called a Certificate Authority. CAs are systems that create, distribute, store, and validate digitally created signature and identity verification information about machines, individuals, and services. This CA may be a commercially available service point, such as VeriSign or Thawte. A CA can also be created within an enterprise to manage and create certificates that are used only within an organization or with trusted partners.

Certificate revocation list