Certificate binding to identity: what does a digital certificate bind?

A digital certificate binds a public key to a specific identity. It is issued by a trusted certificate authority, whose signature on the certificate allows anyone who trusts the CA to verify that the public key listed actually belongs to the named entity. This binding enables secure communications and authentication, because others can trust that messages encrypted with that public key or signatures verified with that key come from the claimed owner. The certificate itself does not carry a symmetric key, and its purpose goes beyond replacing passwords or being limited to email encryption—it's a general mechanism to establish trust in the public key across various security protocols.