This document discusses internet security and certification authorities (CAs). It provides information on how certificates work, including domain validated (DV), organization validated (OV), and extended validation (EV) certificates. It also discusses the role of browsers in internet trust and governance, including their requirements for root certificates and treatment of extended validation certificates. The top CAs by market share are listed. Certificate transparency is described as a way to provide post-issuance validation of certificate authorizations.