05-SEP-2013: PKI and Tcl r2

Trust me.

Public Key Infrastructure (PKI) is, as the name implies, all of the infrastructure required to operate a public key cryptography system. The name also implies that PKI is a complex system with lots of mandatory parts; however, this is not the case.

A simple PKI implementation is fairly straightforward. The goal of PKI is to provide a mechanism to trust an unknown party. This is done using certificates, each of which certifies that another entity (which you may trust) has verified that the certificate's holder is who it claims to be. The certificate is presented by the unknown party as a means of identifying itself to you.

So what is to stop someone from providing false information in a certificate? Well, that's where the public key aspect of PKI comes into play. Certificates are digitally signed by their issuer (also called a "Certificate Authority"). This means that if the certificate is altered or forged after being signed, it will be detected.
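
The detection described above, as an added example (not code from the original page) using tcllib's `pki` package: an issuer signs a certificate body, and a relying party holding only the issuer's public key checks a genuine certificate, one altered after signing, and one signed by a different key. The certificate body is a simplified stand-in rather than X.509, and the proc names, subject names and key labels are made up for the illustration.

```tcl
package require pki   ;# from tcllib

# Simplified stand-in for a certificate body (not X.509): the fields the issuer
# vouches for, serialised in a fixed order so both sides hash the same bytes.
proc certBody {subject subjectKeyId issuer} {
    return "subject=$subject\nkey=$subjectKeyId\nissuer=$issuer\n"
}

# Issuer side: sign the body with the issuer's private key.
proc issue {body issuerKey} {
    return [dict create body $body \
        signature [::pki::sign $body $issuerKey sha256]]
}

# Relying-party side: accept only if the signature checks out against the
# issuer's public key. Any error raised while checking counts as a rejection.
proc accept {cert issuerPub} {
    if {[catch {
        ::pki::verify [dict get $cert signature] [dict get $cert body] $issuerPub
    } ok]} {
        return 0
    }
    return [expr {$ok ? 1 : 0}]
}

# 1024-bit keys keep pure-Tcl key generation quick; too small for real use.
set issuerKey [::pki::rsa::generate 1024]
set otherKey  [::pki::rsa::generate 1024]

# The relying party never sees the private parts of the issuer's key.
set issuerPub [dict remove $issuerKey d p q]

set genuine [issue [certBody "www.example.test" "key-01" "Example CA"] $issuerKey]

# Case 1: body altered after signing, original signature kept.
set altered [dict replace $genuine \
    body [certBody "other.example.test" "key-01" "Example CA"]]

# Case 2: the issuer's name is claimed, but a different key did the signing.
set forged [issue [certBody "www.example.test" "key-02" "Example CA"] $otherKey]

foreach {label cert} [list genuine $genuine altered $altered forged $forged] {
    puts [format "%-8s accepted=%d" $label [accept $cert $issuerPub]]
}
```

The check is only as good as the relying party's copy of the issuer's public key, so that key has to reach the relying party through a channel it already trusts.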