A certificate authority (CA) is a trusted entity that issues electronic certificates (duh) to verify identity on the Internet. They're a key part of secure communications online -- and thus super important. Then there's intermediate CAs, signed by a root CA, making certificates for any website. However, they're just as powerful as those root ones. Worse still, there's no full list for the ones your system trusts because root CAs can make new ones whenever it wants, and our computers will trust 'em immediately. This is a problem when companies get their hands on them, although they could have legitimate reasons for using an intermediate CA within their own networks.