WebTrust-audited Certificate Authorities


CommScope Sentry™ operates certificate authorities serving the CBRS, DOCSIS, and OpenCable ecosystems, under arrangement with the ecosystem licensing authorities. We are a WInnForum CBRS root of trust certificate authority and are authorized to operate all types of CBRS CAs. In addition, we operate Matter PAAs (product attestation authorities) on behalf of CSA (Connectivity Standards Alliance) members.

  • WebTrust compliance
  • WInnForum CBRS root of trust
  • CableLabs DOCSIS 3.1 & DPoE
  • CableLabs OpenCable
  • Private/enterprise CAs
  • Matter PAAs & PAIs (product attestation intermediates)

WebTrust Compliance

CommScope certificate authorities are annually audited by an independent WebTrust-accredited auditor, to ensure compliance with all of the WebTrust security, accounting, audit trail, confidentiality, business, and legal requirements. CommScope CA security deploys additional hardware and procedural security controls that go beyond WebTrust security requirements. Our certificate policy fully complies with the latest WebTrust and IETF standards and is available online.

BDO WebTrust Seal For CA BDO WebTrust Seal For BR SSL

WInnForum CBRS Roots of Trust

CommScope operates multiple RSA-based and elliptic curve-based certificate authorities under our WInnForum-approved roots of trust. We can issue device or subordinate CA certificates, including for CBSD access points, domain proxies, and SASs. For more information, see our CBRS page.

WInnForum Approved

CableLabs DOCSIS 3.1 & DPoE Certificate Authorities

CommScope certificate authorities for DOCSIS 3.1 and DPoE have been WebTrust-audited and approved by CableLabs to supply certificates to device manufacturers. CommScope DOCSIS 3.1 certificate authority may be used to issue certificates to cable modems as well as remote PHY and remote MACPHY devices (RPDs & RMDs). CommScope DPoE certificate authority issues certificates to EPON ONUs. The corresponding CableLabs security standards can be found at https://www.cablelabs.com/specifications.

CableLabs OpenCable Certificate Authorities

CommScope certificate authorities for both OpenCable hosts and CableCARDs have been WebTrust-audited and approved by CableLabs to supply certificates to device manufacturers that implement the copy protection interface between a host device (e.g., a set-top box, TV, or DVR) and a CableCARD. The corresponding CableLabs security standards can be found at https://www.cablelabs.com/specifications.

Matter PAA & PAI Services

In the Matter ecosystem, PAAs and PAIs are root and intermediate certificate authorities that issue DACs (device attestation certificates) for Matter devices. CommScope provides secure and cost-efficient VID-scoped PAAs and PAIs services and issues DACs to Matter device manufacturers. CommScope is already providing a major device manufacturer such services.

Private/Enterprise Certificate Authorities

With the infrastructure already in place to support internal/external certificate authorities and other secure services, CommScope Sentry™ hosts and operates certificate authorities for your organization in a secure and cost-effective manner. The operation and lifecycle management of CAs are complicated, but we are well-equipped to provide a policy-based security governance practice. When creating root and subordinate CAs, our professional staff perform auditable key ceremonies according to recognized best practices. The CAs we host can be tailored according to your needs, whether it is in terms of hierarchy, certificate profiles, or algorithm choices. You can, for instance, design your CAs to align with your organizational or product portfolio structures. We address security practices risk and security-related business continuity for you.

As a service provider with a long history, we host CAs that serve many organizations. Among these CAs are ones that issue identity credentials to devices made by Motorola Mobility and devices deployed by major service providers, including Charter Communications, Liberty Global, Comcast, and others.

Our hosted CA service is an enabler of trust. Contact us to learn more about how we can help you meet your needs for an enterprise CA.