Relationship between Key Pairs and Certificates

If a PKI entity has multiple key pairs, it is likely to have multiple certificates, because the format of a certificate does not naturally allow it to hold more than a single public key (and the X.509 standard does not explicitly support the ability to put multiple keys into the SubjectPublicKeyInfo field). However, this does not preclude the possibility of a particular public key appearing in several certificates that are simultaneously valid. Thus, it is worth exploring briefly the relationship between key pairs and certificates.
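The point that one public key can sit in several simultaneously valid certificates can be checked by comparing the SubjectPublicKeyInfo of each certificate rather than the certificates themselves. The following is an added example, not taken from the book: the function names are hypothetical, and the sample certificates are constructed, unsigned stand-ins with placeholder key bytes.

```python
import hashlib

def tlv(tag, body):  # DER-encode one tag-length-value element
    n = len(body)
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    length = bytes([n]) if n < 0x80 else bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + length + body

def read_tlv(buf, pos):  # -> (tag, value_start, value_end) for element at pos
    tag, first, pos = buf[pos], buf[pos + 1], pos + 2
    if first & 0x80:                       # long-form length
        k = first & 0x7F
        first, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return tag, pos, pos + first

def spki_of(cert):
    # Walk Certificate -> TBSCertificate and return the raw SubjectPublicKeyInfo.
    _, pos, _ = read_tlv(cert, 0)          # Certificate SEQUENCE
    _, pos, _ = read_tlv(cert, pos)        # TBSCertificate SEQUENCE
    tag, _, end = read_tlv(cert, pos)
    if tag == 0xA0:                        # optional [0] version field
        pos = end
    for _ in range(5):  # serial, signature alg, issuer, validity, subject
        _, _, pos = read_tlv(cert, pos)
    return cert[pos:read_tlv(cert, pos)[2]]

def group_by_key(certs):
    # Map SHA-256(SubjectPublicKeyInfo) -> names of certificates with that key.
    groups = {}
    for name, der in certs.items():
        groups.setdefault(hashlib.sha256(spki_of(der)).hexdigest(), []).append(name)
    return groups

def make_cert(serial, not_after, point):
    # Constructed, unsigned stand-in certificate (placeholder key and signature).
    oid = lambda h: tlv(0x06, bytes.fromhex(h))
    spki = tlv(0x30, tlv(0x30, oid("2a8648ce3d0201") + oid("2a8648ce3d030107"))
               + tlv(0x03, b"\x00" + point))
    alg = tlv(0x30, oid("2a8648ce3d040302"))
    name = tlv(0x30, tlv(0x31, tlv(0x30, oid("550403") + tlv(0x0C, b"alice"))))
    validity = tlv(0x30, tlv(0x17, b"240101000000Z") + tlv(0x17, not_after))
    tbs = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, bytes([serial]))
              + alg + name + validity + name + spki)
    return tlv(0x30, tbs + alg + tlv(0x03, b"\x00" * 9))

KEY_A, KEY_B = b"\x04" + b"\x11" * 64, b"\x04" + b"\x22" * 64  # constructed
CERTS = {"alice-old": make_cert(1, b"250101000000Z", KEY_A),
         "alice-new": make_cert(2, b"260101000000Z", KEY_A),
         "alice-rekeyed": make_cert(3, b"260101000000Z", KEY_B)}
```

`group_by_key(CERTS)` places `alice-old` and `alice-new` under one fingerprint even though their serial numbers and validity periods differ, while `alice-rekeyed` gets its own entry.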

By far, the most commonly cited benefit of a given public key appearing in multiple valid certificates is the perceived simplicity of rollover (referred to, in this case, ...

Get Understanding Public-Key Infrastructure: Concepts, Standards, and Deployment Considerations now with the O’Reilly learning platform.
