Cryptography Reference
19.5 PUBLIC KEY INFRASTRUCTURE
According to RFC 2828, the term certificate refers to “a document that attests
to the truth of something or the ownership of something” [1]. Historically, the
term certificate was coined and first used by Loren M. Kohnfelder to refer to a
digitally signed record holding a name and a public key [13]. As such, the certificate
attests to the legitimate ownership of a public key and attributes a public key to a
particular entity, such as a person, a hardware device, or anything else. The resulting
certificates are frequently called public key certificates. According to RFC 2828, a
public key certificate is a special case of a digital certificate, namely one “that binds
a system entity's identity to a public key value, and possibly to additional data items”
[1]. As such, it is a digitally signed data structure that attests to the ownership of a
public key.
More generally and in accordance with RFC 2828, a certificate can not only be
used to attest to the legitimate ownership of a public key (in the case of a public key
certificate), but also to attest to the truth of any property attributable to a certificate
owner. This more general class of certificates is commonly referred to as attribute
certificates. In short, the major difference between a public key certificate and an
attribute certificate is that the former includes a public key (i.e., the public key that
is certified), whereas the latter includes a list of attributes (i.e., the attributes that
are certified). In either case, the certificates are issued (and possibly revoked) by
authorities that are recognized and trusted by some community of users. In the case
of public key certificates, these authorities are called certification authorities (CAs). 2
In the case of attribute certificates, however, these authorities are called attribute
authorities (AAs).
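
The distinction above, as an added example that is not part of the original text: a CA signs a record binding a subject to a public key, an AA signs one binding a subject to a list of attributes, and a verifier accepts either only if the signature checks against the key of an authority it trusts. The `Authority` class, the record layout, all names, and the textbook RSA over small Mersenne primes are assumptions made so the example runs on the standard library alone; the parameters are insecure and stand in for a real signature scheme.

```python
import hashlib, json

# Toy textbook-RSA signer (constructed, insecure parameters) standing in for
# a real signature scheme so the example needs only the standard library.
class Authority:
    def __init__(self, name, p, q, e=65537):
        self.name, self.n, self.e = name, p * q, e
        self._d = pow(e, -1, (p - 1) * (q - 1))   # private exponent

    def public_key(self):
        return {"n": self.n, "e": self.e}

    def issue(self, kind, subject, payload):
        # kind "public-key": payload is the certified public key (issuer acts as CA)
        # kind "attribute":  payload is the certified attribute list (issuer acts as AA)
        body = {"kind": kind, "issuer": self.name, "subject": subject, "payload": payload}
        return {"body": body, "signature": pow(digest(body, self.n), self._d, self.n)}

def digest(body, n):
    # Canonical encoding so issuer and verifier hash identical bytes
    encoded = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return int.from_bytes(hashlib.sha256(encoded).digest(), "big") % n

def verify(cert, trusted):
    # trusted maps issuer name -> public key of an authority the verifier accepts
    key = trusted.get(cert["body"]["issuer"])
    if key is None:
        return False                      # unknown issuer: no trust anchor
    return pow(cert["signature"], key["e"], key["n"]) == digest(cert["body"], key["n"])

# Constructed sample data: Mersenne primes used only to keep the toy short
ca = Authority("Example CA", 2**127 - 1, 2**89 - 1)
aa = Authority("Example AA", 2**107 - 1, 2**61 - 1)
alice = Authority("alice", 2**61 - 1, 2**31 - 1)   # reused only as a key-pair holder
TRUSTED = {ca.name: ca.public_key(), aa.name: aa.public_key()}

pk_cert = ca.issue("public-key", "alice", alice.public_key())
attr_cert = aa.issue("attribute", "alice", ["role=auditor", "clearance=internal"])

def tampered(cert, subject):
    # Copy of cert with the subject swapped but the original signature kept
    return {"body": {**cert["body"], "subject": subject}, "signature": cert["signature"]}
```

Because the signature covers the subject together with the key or attribute list, changing any one of them invalidates the certificate, and a record signed by an authority outside `TRUSTED` is rejected even if it is internally consistent.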
In short, a PKI consists of one (or several) CA(s). According to RFC 2828, a
PKI is “a system of CAs that perform some set of certificate management, archive
management, key management, and token management functions for a community
of users” [1] that employ public key cryptography. 3 Another way to look at a
PKI is as an infrastructure that can be used to issue, validate, and revoke public
keys and public key certificates. As such, a PKI comprises a set of agreed-upon
standards, CAs, structures among multiple CAs, methods to discover and validate
certification paths, operational and management protocols, interoperable tools, and
supporting legislation. In the last couple of years, PKIs have been heavily hyped, and
many companies and organizations have announced plans to provide certification
2 In the past, CAs were often called TTPs. This is particularly true for CAs that are operated by
government bodies.
3 The last part of the sentence is particularly important, because in the past many people felt they
had to enter the field of PKIs without having a legitimate reason (if, for example, they were not using
public key cryptography in the first place).