Public Key Infrastructure is a framework for secure communication between parties, i.e., communication that provides Confidentiality and Authentication/Integrity.
- Asymmetric Keys
  - For Confidentiality
- Digital Certificates
  - For Authentication/Integrity
- Certificate Authority (CA)
  - Vouches for the Digital Certificate.
- Registration Authority (RA)
  - Responsible for Digital Certificate registration.
- Certificate Revocation List (CRL)
  - A list that stores inactive Digital Certificates.
  - Revoke types: Expired, Revocation, Suspended
- Recovery Agent
  - Authorized to recover a lost private key.
- Key Escrow
  - Key Archival System
  - Example: a government wants access to all stored private keys in the event of any wrongdoing.