A certification authority (CA) is a third party entity that issues digital certificates (especially X.509 certificates) and vouches for the binding between the data items in a certificate. An issuing authority could be considered a correct answer, but not the best answer, since it is too generic. Source: SHIREY, Robert W., RFC2828: Internet Security Glossary, may 2000.