What is a Public Key Infrastructure (PKI)?
A public-key infrastructure (PKI) consists of protocols, services, and standards supporting applications of public-key cryptography. The term PKI, which is relatively recent, is defined variously in current literature. PKI sometimes refers simply to a trust hierarchy based on public-key certificates [1], and in other contexts embraces encryption and digital signature services provided to end-user applications as well [OG99]. A middle view is that a PKI includes services and protocols for managing public keys, often through the use of Certification Authority (CA) and Registration Authority (RA) components, but not necessarily for performing cryptographic operations with the keys.

Among the services likely to be found in a PKI are the following:

Key registration: issuing a new certificate for a public key.
Certificate revocation: canceling a previously issued certificate.
Key selection: obtaining a party’s public key.
Trust evaluation: determining whether a certificate is valid and what