issuing CA
E724320
An issuing CA is a certificate authority server that actually issues and manages digital certificates to clients and devices, typically operating beneath a root or policy CA in a public key infrastructure.
All labels observed (1)
| Label | Occurrences |
|---|---|
| issuing CA canonical | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T8288947 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: issuing CA Context triple: [Active Directory Certificate Services, supportsTopology, issuing CA]
-
A.
DST Root CA X3
DST Root CA X3 is a widely trusted root certificate authority operated by IdenTrust that historically provided the cross-signed trust anchor enabling broad browser compatibility for Let’s Encrypt certificates.
-
B.
Let’s Encrypt
Let’s Encrypt is a free, automated, and open certificate authority that provides TLS/SSL certificates to enable secure HTTPS connections for websites worldwide.
-
C.
ISRG Root X1
ISRG Root X1 is the primary root certificate operated by the Internet Security Research Group that underpins the trust for most Let’s Encrypt-issued TLS/SSL certificates used across the web.
-
D.
Authenticum
Authenticum is a medieval Latin collection of the Novellae (new laws) of the Byzantine emperor Justinian I, widely used in Western European legal scholarship.
-
E.
PKI
PKI is the abbreviation for Partai Komunis Indonesia, the former communist party of Indonesia that played a major role in the country’s mid-20th-century political history.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: issuing CA Target entity description: An issuing CA is a certificate authority server that actually issues and manages digital certificates to clients and devices, typically operating beneath a root or policy CA in a public key infrastructure.
-
A.
DST Root CA X3
DST Root CA X3 is a widely trusted root certificate authority operated by IdenTrust that historically provided the cross-signed trust anchor enabling broad browser compatibility for Let’s Encrypt certificates.
-
B.
Let’s Encrypt
Let’s Encrypt is a free, automated, and open certificate authority that provides TLS/SSL certificates to enable secure HTTPS connections for websites worldwide.
-
C.
ISRG Root X1
ISRG Root X1 is the primary root certificate operated by the Internet Security Research Group that underpins the trust for most Let’s Encrypt-issued TLS/SSL certificates used across the web.
-
D.
Authenticum
Authenticum is a medieval Latin collection of the Novellae (new laws) of the Byzantine emperor Justinian I, widely used in Western European legal scholarship.
-
E.
PKI
PKI is the abbreviation for Partai Komunis Indonesia, the former communist party of Indonesia that played a major role in the country’s mid-20th-century political history.
- F. None of above. chosen
Statements (46)
| Predicate | Object |
|---|---|
| instanceOf |
certificate authority role
ⓘ
public key infrastructure component ⓘ |
| associatedWith |
certificate revocation infrastructure
ⓘ
registration authority ⓘ |
| canBe |
enterprise CA
ⓘ
online CA ⓘ private CA ⓘ public CA ⓘ |
| hasKeyType | CA private key ⓘ |
| hasRole | issuing certification authority ⓘ |
| implements |
PKI policies
ⓘ
X.509 standard NERFINISHED ⓘ |
| isBelowInHierarchy |
policy CA
ⓘ
root CA ⓘ |
| isSignedBy |
intermediate CA
ⓘ
root CA ⓘ |
| issues |
client certificates
ⓘ
device certificates ⓘ digital certificates ⓘ end-entity certificates ⓘ server certificates ⓘ |
| manages | digital certificates ⓘ |
| mayBeHostedOn | dedicated CA server ⓘ |
| mayBeProtectedBy | hardware security module ⓘ |
| mayLog |
certificate issuance events
ⓘ
certificate revocation events ⓘ |
| mustComplyWith | certificate policy constraints ⓘ |
| mustProtect | CA private key ⓘ |
| operatesUnder |
policy CA
ⓘ
root CA ⓘ |
| partOf | public key infrastructure ⓘ |
| performs |
certificate enrollment
ⓘ
certificate renewal ⓘ certificate revocation ⓘ |
| publishes | certificate revocation lists ⓘ |
| responsibleFor |
binding identities to public keys
ⓘ
certificate lifecycle management ⓘ |
| signs |
certificate signing requests
ⓘ
end-entity public keys ⓘ |
| supports | online certificate status protocol ⓘ |
| usedIn |
TLS deployments
ⓘ
VPN infrastructures ⓘ enterprise authentication systems ⓘ |
| uses |
certificate policies
ⓘ
certificate practice statements ⓘ certificate templates ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: issuing CA Description of subject: An issuing CA is a certificate authority server that actually issues and manages digital certificates to clients and devices, typically operating beneath a root or policy CA in a public key infrastructure.
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.