valid)

                    Subject’s name (contains the distinguished name, or DN, of the
                    entity that owns the public key contained in the certificate)


                    Subject’s public key (the meat of the certificate—the actual public
                    key the certificate owner used to set up secure communications)

               The current version of X.509 (version 3) supports certificate
               extensions—customized variables containing data inserted into the
               certificate by the certificate authority to support tracking of certificates
               or various applications.




                             If you’re interested in building your own X.509 certificates

                  or just want to explore the inner workings of the public key
                  infrastructure, you can purchase the complete official X.509

                  standard from the International Telecommunications Union (ITU).
                  It’s part of the Open Systems Interconnection (OSI) series of
                  communication standards and can be purchased electronically on
                  the ITU website at www.itu.int.




               Certificate Authorities

               Certificate authorities (CAs) are the glue that binds the public key
               infrastructure together. These neutral organizations offer notarization

               services for digital certificates. To obtain a digital certificate from a
               reputable CA, you must prove your identity to the satisfaction of the
               CA. The following list includes some of the major CAs that provide
               widely accepted digital certificates:

                    Symantec

                    IdenTrust

                    Amazon Web Services


                    GlobalSign

                    Comodo

                    Certum