What is a Public Key Infrastructure (PKI)? It is a set of hardware, software, people, policies, and procedures that are needed to create, manage, distribute, use, store, and revoke digital certificates.
In cryptography, PKI is an arrangement that binds public keys with respective user identities by means of a certificate authority (CA). The user identity must be unique within each CA domain.
A PKI consists of:
Certificate Authority that both issues and verifies the digital certificates.
Registration Authority that verifies the identity of users requesting information from the CA.
Central Directory
Certificate Management System
Certificate Authorities
The primary role of the CA is to digitally sign and publish the public key bound to a given user. This is done using the CA's own private key, so that trust in the user key relies on one's trust in the validity of the CA's key. The mechanism that binds keys to users is called the Registration Authority (RA), which may or may not be separate from the CA. The key-user binding is established, depending on the level of assurance the binding has, by software or under human supervision.
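The signing and checking described above, as an added example that is not code from the original post: a CA signs the identity-to-key binding with its private key, and a relying party validates it with the CA's public key. It uses unpadded textbook RSA over a constructed, insecure demo key purely for illustration; `DemoCA`, `verify`, the `ra_verified` flag and all sample values are assumptions.

```python
import hashlib
import json

# Constructed demo key from two Mersenne primes: trivially factorable, illustration only.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
FIELDS = ("issuer", "subject", "public_key")

def digest(cert):
    """Hash the signed fields (issuer, subject, public key) to an integer."""
    tbs = json.dumps({k: cert[k] for k in FIELDS}, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(tbs).digest(), "big")

class DemoCA:
    def __init__(self, name):
        self.name = name
        self.public_key = (P * Q, E)                # published to relying parties
        self._d = pow(E, -1, (P - 1) * (Q - 1))     # CA private key, never leaves the CA
        self._subjects = set()

    def issue(self, subject, subject_public_key, ra_verified):
        """Sign the identity-to-key binding once the RA has vetted the requester."""
        if not ra_verified:
            raise PermissionError("RA has not verified this identity")
        if subject in self._subjects:               # identity must be unique per CA domain
            raise ValueError(f"{subject!r} already has a certificate from {self.name}")
        self._subjects.add(subject)
        cert = {"issuer": self.name, "subject": subject, "public_key": subject_public_key}
        cert["signature"] = pow(digest(cert), self._d, self.public_key[0])
        return cert

def verify(cert, trust_store):
    """Accept a certificate only if a trusted CA's public key validates its signature."""
    ca_key = trust_store.get(cert["issuer"])
    if ca_key is None:                              # no trust in the CA, no trust in the user key
        return False
    n, e = ca_key
    return pow(cert["signature"], e, n) == digest(cert)

if __name__ == "__main__":
    ca = DemoCA("Demo CA")
    cert = ca.issue("alice", "ALICE-PUBLIC-KEY (constructed)", ra_verified=True)
    trust = {ca.name: ca.public_key}
    print("genuine:", verify(cert, trust))
    print("key swapped:", verify(dict(cert, public_key="MALLORY-KEY"), trust))
    print("CA not trusted:", verify(cert, {}))
```

Real deployments use X.509 certificates with a padded signature scheme and properly generated keys; only the shape of the trust relationship carries over from this sketch.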
After reading your post on Public Key Infrastructure (Digital Certificate), I learned something more about PKI. I have a better understanding of what PKI is able to provide. I now know that digital certificates can provide a method of storing the public key, but with higher security. Thank you for posting this post about Public Key Infrastructure (Digital Certificate).