A certificate authority takes which of the following actions in PKI?
A.
Signs and verifies all infrastructure messages
B.
Issues and signs all private keys
C.
Publishes key escrow lists to CRLs
D.
Issues and signs all root certificates
Explanation:
A certificate authority can issue multiple certificates in the form of a tree structure. A root certificate
is part of a public key infrastructure (PKI) scheme. The most common commercial variety is based
on the ITU-T X.509 standard, which normally includes a digital signature from a certificate
authority (CA).
Note: In cryptography and computer security, a root certificate is an unsigned public key certificate
(also called self-signed certificate) that identifies the Root Certificate Authority (CA).