Which two of the following statements are true regarding the CA in a PKI deployment? (Choose two.)
A. The CA is the trusted third party that signs the public keys of entities in a PKI-based system.
B. The CA issues either a certificate revocation list (CRL) or uses an OCSP process to determine certificate validity.
C. The CA becomes the center point of communications between two hosts using certificates that are issued by the CA.
D. A root CA is not necessary in a PKI.
