PKI Authorities
PKI Authorities consists of three different authorities that essentially make up a PKI system. These are the Registration Authority, Certification Authority and Certificate Directory.
Registration Authority
The jobs of the Registration Authority are to processes user requests, confirm their identities, and induct them into the user database.
Certification Authority
The tasks of a Certification Authority are to issue public key certificates and to attest that the public key embedded in it indeed belongs to the particular entity as stated in the certificate. The Certification Authority also has the right to cancel a certificate if required, and verify it at any point of time depending on the registration conditions. 
Certificate Directory
The Certificate Directory manages and stores the user’s registration information and certificates for future references.
From the above mentioned logical structuring of the different authorities, it is quite clear that the success of any public key infrastructure system depends entirely upon the efficiency, coordination, and performance of its public key infrastructure system authorities.
Alternatives to PKI Authorities
Alternatives to PKI authorities include: Web of Trust, Simple Public Key Infrastructure (SPKI) and Robot Certificate Authorities.
|
|
- Root Certificate
A Root Certificate is a self-signed certificate or an unsigned public key certificate which forms an important part of the PKI (public key infrastructure). The most common commercial type of root certificates is based on the ISO X.509 standard. Such a certificate (a X.509 certificate) usually carries the digital signature of a certification authority (CA), [...]...
- Certificate Authority
Certificate Authority or Certification Authority (CA) is an entity, which is core to many PKI (Public Key Infrastructure) schemes, whose purpose is to issue digital certificates to use by other parties. It exemplifies a trusted third party. Some certification authorities may charge a fee for their service while some other CAs are free. It is [...]...
- Root Certificate Update
In most enterprise-level public key infrastructure systems, there is a dependence upon certificate chains to verify the identity of a party. When a Certificate Authority (CA) issues a certificate for any party, the legitimacy of that certificate authority must be verified. This is usually done by a higher certificate authority. This higher authority is part [...]...
- PKI Certificate
A PKI certificate, which stands for Public Key Infrastructure certificate, allows someone to combine their digital signature with a public key and something that identifies them, an example being their real life name. This certificate is used to allow computer users to show that they do own the public keys they claim to. In other [...]...
- X.509
X.509 is an ITU-T (ITU Telecommunication Standardization Sector) standard for PKI (Public Key Infrastructure) in cryptography, which, amongst many other things, defines specific formats for PKC (Public Key Certificates) and the algorithm that verifies a given certificate path is valid under a give PKI (called the certification path validation algorithm). X.509 History X.509 began in [...]...