The rules, methods and guidelines that specify how the digital certificate is distributed to the end user are documented in the Certificate Policy [CP]. The CP is the ‘Who, What, Where and How’ document that describes the principles of digital certificate usage and how the certificates are to be distributed. The CP is agreed before the CA is operational, and all digital certificates must be deployed in accordance with the CP.
The Registration Authority [RA] decides which users are permitted to receive a certificate. The RA can be a Systems Administrator or other responsible member of the organisation, or the process can be automated using a database and a series of automated checks and controls, each of which is designed to reduce the possibility of error or the risk of deception.
There are three main types of digital certificates: