The CA is a trusted body that confirms the validity and identity of entities involved in public key exchange. As a user’s digital certificate is the only means by which entities may trust each other, the CA must be a legitimate, regulated, and officially recognized entity. An example of a well known CA that is used by many commercial organizations, is Verisign.