Public key infrastructures can be complex beasts, as this chapter has shown. They have many different components that must work together seamlessly to provide the expected protection and functionality. A PKI is implemented to provide users and devices with the ability to communicate securely and to provide them with trust anchors, since they do not directly trust each other.
Certificate registration requests are validated by a registration authority (RA), and the certificate is then generated by a certificate authority (CA). The digital certificate binds an individual’s identity to the public key that is within the certificate.
Certificates can expire, be revoked, or be suspended. When a user receives a certificate from another ...