Which of the following actions in PKI takes a certificate authority?
A.
Signs and verifies all infrastructure messages
B.
Issues and signs all private keys
C.
Publishes key escrow lists to CRLs
D.
Issues and signs all root certificates
Explanation:
A certificate authority can issue multiple certificates in the form of a tree structure. A root certificate is part of a
public key infrastructure (PKI) scheme. The most common commercial variety is based on the ITU-T X.509
standard, which normally includes a digital signature from a certificate authority (CA).
Note: In cryptography and computer security, a root certificate is an unsigned public key certificate (also called
self-signed certificate) that identifies the Root Certificate Authority (CA).