Those certificates are the bedrock of much of the security we enjoy online. They’re the reason we can do online banking, the reason we can download and install software updates without fearing malware. The organizations that screen people and companies and issue them these certificates are called certificate authorities, or CAs, and they make money by vetting and selling certificates to website operators and software manufacturers. There are hundreds of certificate authorities around the world, but the major browser and operating systems list only a small number as authorities whose certificates they will automatically trust. These elite certificate authorities are called root CAs. And the root CAs can, in turn, grant that same authority to any other intermediate CA they choose to endorse

Link zur Quelle