1. /
  2. VeriSign CAs and RAs within the VeriSign Trust Network (VTN)

VeriSign CAs and RAs within the VeriSign Trust Network (VTN)

Revised May 21, 2009

The following table summarizes the functions of the subscriber certificate-issuing Certification Authorities operated by VeriSign within the VTN. This document also lists the entities responsible for the Registration Authority function for such Certification Authorities.
VeriSign Trust Network (VTN)
Type CA Name CA Description Registration Authorities
VTN Root CAs Generation 1 (G1)
VeriSign Class 1 PCA
VeriSign Class 2 PCA
VeriSign Class 3 PCA
VeriSign Class 4 PCA
First generation of VeriSign Root certification authorities which issue certificates to Subordinate CAs within the VTN VeriSign, Inc.
Generation 2 (G2)
VeriSign Class 1 PCA – G2
VeriSign Class 2 PCA – G2
VeriSign Class 3 PCA – G2
VeriSign Class 4 PCA – G2
Second generation of VeriSign Root certification authorities which issue certificates to Subordinate CAs within the VTN VeriSign, Inc.
Generation 3 (G3)
VeriSign Class 1 PCA – G3
VeriSign Class 2 PCA – G3
VeriSign Class 3 PCA – G3
VeriSign Class 4 PCA – G3
Third generation of VeriSign Root certification authorities which issue certificates to Subordinate CAs within the VTN VeriSign, Inc.
Generation 4 (G4)
VeriSign Class 3 PCA – G4
Fourth generation of VeriSign Root certification authorities which issue certificates to Subordinate CAs within the VTN VeriSign, Inc.
Generation 5 (G5)
VeriSign Class 3 PCA – G5
Fifth generation of VeriSign Root certification authorities which issue certificates to Subordinate CAs within the VTN VeriSign, Inc.
Universal Root
VeriSign Universal Root CA
Sixth generation of VeriSign Root certification authorities which issue certificates to Subordinate CAs within the VTN VeriSign, Inc.
Class 3 Organizational CAs VeriSign Class 3 Extended Validation SSL CA Issues EV SSL certificates VeriSign, Inc., Managed PKI for SSL Customers and VTN Affiliates
VeriSign Class 3 Extended Validation 1024-bit SSL SGC CA Issues EV SSL certificates VeriSign, Inc. and VTN Affiliates
VeriSign Class 3 Extended Validation SSL SGC CA Issues EV SSL SGC certificates VeriSign, Inc., Managed PKI for SSL (Premium Edition) Customers and VTN Affiliates
VeriSign International Server CA Class 3 Issues Global Server SGC certificates VeriSign, Inc., Managed PKI for SSL (Premium Edition) Customers and VTN Affiliates
VeriSign Class 3 Secure Server 1024-bit CA G2 Issues Secure Server certificates VeriSign, Inc. and VTN Affiliates
VeriSign Class 3 Secure Server CA - G2 Issues Secure Server certificates VeriSign, Inc., Managed PKI for SSL Customers and VTN Affiliates
VeriSign Class 3 Secure OFX CA - G3 Issues OFX certificates VeriSign, Inc.
VeriSign Class 3 WLAN Secure Server CA Issues wireless secure server certs supporting the PEAP protocol VeriSign, Inc.
VeriSign Class 3 Secure Intranet Server CA Signs certificates to be used on secure intranet servers VeriSign, Inc.
VeriSign Class 3 Organizational CA Issues S/MIME certs VeriSign, Inc.
VeriSign Class 3 SSP CA Issues Non Federal SSP CAs VeriSign, Inc.
VeriSign Class 3 Code Signing 2009 CA Issues code signing and object signing certificates for use with Netscape browsers, Microsoft Internet Explorer browsers, Microsoft Office, Sun Java Signing, Macromedia, and Marimba VeriSign, Inc.
Class 2 Enterprise CAs VeriSign Class 2 MPKI Individual Subscriber CA - G2 Issues certificates to the subscribers of Managed PKI Lite customers Managed PKI Customer
VeriSign Class 2 SSP CA Issues Non Federal SSP CAs VeriSign, Inc.
Managed PKI Full Public Customer-Specific CAs Customer-specific CAs that chain to the VeriSign Class 2 PCA Managed PKI Customer
Class 1 Enterprise CAs VeriSign Class 1 Individual Subscriber CA - G2 Issues Class 1 certificates to individuals VeriSign, Inc.
VeriSign Class 1 SSP CA Issues Non Federal SSP CAs VeriSign, Inc.
Legacy CAs RSA Secure Server CA Legacy issuer of Secure Server certificates; also a Root CA VeriSign, Inc., Managed PKI for SSL Customers and VTN Affiliates
VeriSign Class 3 Secure Server CA Legacy issuer of Secure Server certificates VeriSign, Inc., Managed PKI for SSL Customers and VTN Affiliates
VeriSign Class 3 Secure Server 1024-bit CA Legacy issuer of Secure Server certificates VeriSign, Inc. and VTN Affiliates
VeriSign Class 3 Code Signing 2001 CA Legacy issuer of Code Signing certificates VeriSign, Inc.
VeriSign Class 3 Code Signing 2004 CA Legacy issuer of Code Signing certificates VeriSign, Inc.
Class 3 Open Financial Exchange CA - G2 Legacy issuer OFX certificates VeriSign, Inc.
VeriSign Class 1 CA Individual Subscriber-Personal Not Validated Legacy issuer of Class 1 certificates to individuals VeriSign, Inc.
VeriSign Class 2 OnSite Individual CA Legacy issuer of certificates to the subscribers of Managed PKI Lite customers Managed PKI Customer
Although VeriSign’s Authenticated Code Signing (ACS) products do not utilize CAs that chain up to VTN root CAs, they are included among the various types of infrastructure CAs covered in VeriSign’s Certification Practices Statement (CPS). There are two types of ACS CAs operated by VeriSign, as described in the table below.
VeriSign’s Authenticated Code Signing (ACS) CAs
Type CA Name CA Description Registration Authorities
Authenticated Code Signing (ACS) CAs Authenticated Code Signing Root CAs Customer-specific root CAs, operated by VeriSign, which issue certificates to Subordinate ACS CAs VeriSign, Inc.
Authenticated Code Signing Subordinate CAs Customer-specific CAs, operated by VeriSign, which issue ACS end-entity certificates to organizations VeriSign, Inc.

CONTACT US

    Worldwide Headquarters
    650-426-3400