Which of the following manages the digital certificate life cycle to ensure adequate security and
controls exist in digital signature applications related to e-commerce?
Certificate authority (CA)
Certification relocation list
Certification practice statement
The certificate authority maintains a directory of digital certificates for the reference of those
receiving them, it manages the certificate life cycle, including certificate directory maintenance and
certificate revocation list maintenance and publication. Choice A is not correct because a
registration authority is an optional entity that is responsible for the administrative tasks associated
with registering the end entity that is the subject of the certificate issued by the CA. Choice C is
incorrect since a CRL is an instrument for checking the continued validity of the certificates for
which the CA has responsibility. Choice D is incorrect because a certification practice statement is
a detailed set of rules governing the certificate authority’s operations.