Public Key Infrastructure (PKI)
A Public Key Infrastructure (PKI) is a system of facilities, policies, and services that supports the use of public key cryptography for authenticating the parties involved in a transaction. There is no single standard that defines the components of a Public Key Infrastructure, but a PKI typically comprises Certification Authorities and other Registration Authorities (RAs) that provide the following services:
- Issuing digital certificates
- Validating digital certificates
- Revoking digital certificates
- Distributing public keys
The X.509 standard is a Public Key Infrastructure.
Refer to Digital certificates for more information about digital certificates and Certification Authorities (CAs). RAs verify the information provided when digital certificates are requested. If the RA verifies that information, the CA can issue a digital certificate to the requester.
A PKI might also provide tools for managing digital certificates and public keys. A PKI is sometimes described as a trust hierarchy for managing digital certificates, but most definitions include additional services. Some definitions include encryption and digital signature services, but these are not essential to the operation of a PKI.
Parent topic:
Cryptographic concepts
sy10620_