The '''certification path validation algorithm''' is the [[algorithm]] which verifies that a given certificate path (also called a ''certificate chain'') is valid under a given PKI. A path starts with the [[authenticity]]Subject certificate and proceeds through a number of theintermediate certificates up to a trusted certificate, typically issued by a trusted [[Certification Authority]] (CA). It begins fromVerifying the individualchain whoincludes signschecking athat particulareach certificate is valied (meaning that it is inside its validity period), andthat each certificate tracesafter the rootSubject Certificationcertificate actually Authority.
