--- title: "Certificate, Key, and Trust Services" framework: security role: collectionGroup path: security/certificate-key-and-trust-services --- # Certificate, Key, and Trust Services Establish trust using certificates and cryptographic keys. ## Overview Overview The certificate, key, and trust services API is a collection of functions and data structures that you use to conduct secure and authenticated data transactions. Specifically, you use this API to manage and use: Certificates and identities. A certificate is a collection of data that identifies its owner in a tamper-evident way. When you use a certificate to distribute a public key, a receiver can be confident of its origin. You can also package a certificate together with its corresponding private key in an identity object that you keep secret. Policies and trust services. When you receive a certificate, before you can use the embedded public key, you have to answer the question, “Can I trust this certificate?” You conduct an evaluation of trust according to a set of criteria, or a trust policy. Cryptographic keys. After you have a key whose origin you trust, you can begin to conduct cryptographic operations, such as encryption or data signing and verification. These operations in turn typically serve a larger purpose, such as authenticating a user, transmitting data securely, or verifying that a block of data is unaltered since being sealed with a signature. note: Rely on the classes of the Security Interface framework to ensure a consistent experience when displaying certificates and trust settings to the user and when the user chooses among identities or modifies keychain settings. ## Topics ### API Components - [Certificates](security/certificates.md) - [Keys](security/keys.md) - [Identities](security/identities.md) - [Policies](security/policies.md) - [Trust](security/trust.md) ### Thread Safety - [Working with Concurrency](security/working-with-concurrency.md) ## See Also ### Related Documentation - [Cryptographic Services Guide](apple-archive/documentation/Security/Conceptual/cryptoservices/Introduction.md) - [Security Interface](securityinterface.md)