[Back| Home| Programs| Documentation| Internet| People]

PKI - PUBLIC KEY INFRASTRUCTURE



PKI

PKI is an Internet infrastructure that allows the exchange public keys, allows for the transfer of secure messages and user authentication based on public keys, digital signatures and certificates. As public key cryptography becomes more widespread there needs to be a way to find and access someone elseís public key in order to for public key cryptography to be of any use. PKI is simply a way to distribute public keys to anyone that may need it. There are generally two PKI solutions. One is the web of trust system that is useful in a uncontrolled, large, non-homogenous community. The PKI that this community would most likely use is the PGP method of distributing public keys. The other PKI solution is the corporate solution. This solution is for a large organizations with a structured, homogenous population. The corporate PKI solution, which is the solution that corporations and banks are using, can be viewed at Corporate PKI

These two PKI's seem to be the most common ones being used today. That is why these ones are described. Any method of widespread distribution of public keys could be considered a PKI, althought the benefits of PKI are to use the public keys in a useful manner. Other PKI's can be implemented with a different strategy, use these methodsd or combine methods. The PKI's described here were picked because of thier widespread use and the fact that they are very different from each other.


If you have read the PGP and the Corporate PKI sections you will see how each PKI allows for the distribution of public keys and the benefits of each PKI. To summarize the corporate PKI solution is a much more robust PKI and can be used for strong user authentication and even Internet commerce, but is uch more costly to maintain. The PGP PKI has no actual infrastrure to maintain and is very easy for a new user be a part of the PKI, but PGP suffers from having to trust groups of users at a time and not being able to give different levels of trust to seperate individuals. Which PKI you chose to use implement dependds on the application needing PKI.

To go back to main page click here. 


Send your comments and sugestions to
rrwallac@ucsd.edu




Contact information
URL: http://sdcc10.ucsd.edu/~rrwallac
e-mail: rrwallac@ucsd.edu










 

 



[Back|
Home| Programs|
Documentation| Internet|
People]