<Tr> <Td> </Td> <Td> This section does not cite any sources . Please help improve this section by adding citations to reliable sources . Unsourced material may be challenged and removed . (September 2012) (Learn how and when to remove this template message) </Td> </Tr> <P> A CA issues digital certificates that contain a public key and the identity of the owner . The matching private key is not made available publicly, but kept secret by the end user who generated the key pair . The certificate is also a confirmation or validation by the CA that the public key contained in the certificate belongs to the person, organization, server or other entity noted in the certificate . A CA's obligation in such schemes is to verify an applicant's credentials, so that users and relying parties can trust the information in the CA's certificates . CAs use a variety of standards and tests to do so . In essence, the certificate authority is responsible for saying "yes, this person is who they say they are, and we, the CA, certify that". </P> <P> If the user trusts the CA and can verify the CA's signature, then they can also assume that a certain public key does indeed belong to whoever is identified in the certificate . </P> <P> Public - key cryptography can be used to encrypt data communicated between two parties . This can typically happen when a user logs on to any site that implements the HTTP Secure protocol . In this example let us suppose that the user logs on to their bank's homepage www. bank. example to do online banking . When the user opens www. bank. example homepage, they receive a public key along with all the data that their web - browser displays . The public key could be used to encrypt data from the client to the server but the safe procedure is to use it in a protocol that determines a temporary shared symmetric encryption key; messages in such a key exchange protocol can be enciphered with the bank's public key in such a way that only the bank server has the private key to read them . </P>

A certificate of authority does which of the following