18.4 Public Key Infrastructure (PKI)
Public Key Infrastructure (PKI) (重要)
- Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures required to create, manage, distribute, use, store, and revoke digital certificates.
- Components of PKI:
- Certificate Management System: Generates, distributes, stores, and verifies certificates.
- Digital Certificates: Establishes credentials of a person when doing online transactions.
- Validation Authority (VA): Stores certificates (with their public keys)
- Certificate Authority (CA): Issues and verifies digital certificates.
- End User: Requests, manages, and uses certificates.
- Registration Authority (RA): Acts as the verifier for the certificate authority.
PKI is a comprehensive system that allows the use of public-key encryption and digital signature services across a wide variety of applications.