Public Key Infrastructure (PKI)
Definition
Public Key Infrastructure (PKI) is the set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption.
Why It Matters
PKI is the trust infrastructure of the internet. It provides a way to verify that a public key actually belongs to the person or entity who claims it. This is what allows you to trust that the website you are connecting to via HTTPS is actually your bank and not an imposter.
Contextual Example
A Certificate Authority (CA) like Let's Encrypt is a trusted third party in the PKI system. When you request an SSL/TLS certificate for your website, the CA verifies that you own the domain, and then issues a certificate that binds your public key to your domain name.
Common Misunderstandings
- PKI is the framework that makes technologies like HTTPS, digital signatures, and secure email possible.
- It is based on a "web of trust" model, with root CAs at the top.