Chapter 15. PKI (Public Key Infrastructure)



In the early days of the Indian Territory, there were no such things as birth certificates. You being there was certificate enough.

 --Will Rogers

A public key infrastructure (PKI) consists of the components necessary to securely distribute public keys. Ideally, it consists of certificates (see §9.7.2 Certification Authorities (CAs)), a repository for retrieving certificates, a method of revoking certificates, and a method of evaluating a chain of certificates from public keys that are known and trusted in advance (trust anchors) to the target name. There have been some public-key-based systems deployed that leave out components such as revocation, or even certificates. Whether such systems ...

Get Network Security: Private Communication in a Public World, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.