Certificate Authority Vendors

In Release 2 of the Wi-Fi CERTIFIED Passpoint™ certification program, mobile devices use Online Sign-Up (OSU) to accomplish registration and credential provisioning to obtain secure network access. Each Service Provider network has an OSU Server, an AAA Server, and access to a certificate authority (CA). A CA is a collection of computer hardware, software, and the people who operate it. The CA is known by two attributes: its name and its public key. One of the requirements for a mobile device and the hotspot to trust each other is that OSU Server shall hold a certificate signed by a Certificate Authority whose root certificate is issued by one of the CAs authorized by Wi-Fi Alliance, and that these trust root CA certificates are installed on the mobile device. A CA performs four basic CA functions:

  1. Issues certificates (i.e., creates and signs them)
  2. Maintains certificate status information and issues Certificate Revocation Lists (CRLs)
  3. Publishes its current (unexpired) certificates and CRLs so users can obtain the information they need to implement security services
  4. Maintains archives of status information about the expired or revoked certificates it issued

All certificates for Release 2 of the Passpoint program are governed by the Hotspot 2.0 Online Sign-Up Certificate Policy Specification. An OSU server certificate should be obtained from any of the CAs authorized by Wi-Fi Alliance as listed below.


DigiCert

DigiCert is a leading trusted provider of digital certificates, including Wi-Fi certificates. DigiCert partners with businesses of all sizes to ensure end-to-end encryption for wireless and wired devices. As a PKI expert, DigiCert participates in the Wi-Fi Alliance's push for higher security standards and plays an active role in moving the industry forward. DigiCert offers SecureWiFi Certificates worldwide in its effort to support a globally secure internet. DigiCert takes pride in offering best-in-class customer support in all areas of certificate management, including certificate ordering, installation, and implementation. We continue to be the go-to partner for emerging markets such as the Internet of Things, Wi-Fi security, and the Directed Exchange of healthcare information.

Contact DigiCert


Kyrio

Kyrio provides globally managed Public Key Infrastructure (PKI) services trusted by industry leading network service providers, device manufacturers and enterprises across broadband, video, Passpoint and OpenADR smart grid ecosystems. Kyrio’s 15+ years of successful experience includes PKI governance, technology management, and operations. Working closely with device manufacturers to securely implement PKI in their products, Kyrio’s heritage stems from in-depth experience creating and designing PKI-based security models in industry specifications and standards. Kyrio is a wholly-owned subsidiary of CableLabs.

Contact Kyrio


Additional Resources