Public Key Infrastructure (Digital Cert)

PKI is a security architecture that has been introduced to provide an increased level of confidence for exchanging information over an increasingly insecure Internet.  Public key cryptography uses a pair of mathematically related cryptographic keys.   If one key is used to encrypt information, then only the related key can decrypt that information. 
A certificate is information referring to a public key, that has been digitally signed by a Certification Authority (CA).  Certificates conforming to that standard include information about the published identity of the owner of the corresponding private key, the key length, the algorithm used, and associated hashing algorithm, dates of validity of the certificate and the actions the key can be used for. The CA takes responsibility for identifying (to a stated extent) the correctness of the identity of the person asking for a certificate to be issued, and ensures that the information contained within the certificate is correct and digitally signs it.

Applications that use PKI:

• ·         Digital signatures
• ·         Smart card logon
• ·         Secure e-mail
• ·         Software code signing
• ·         IP Security (IPSec)
• ·         Software restriction policy
• ·         Internet authentication
• ·         Encrypting File System
• ·         PKI consist of a few components which are closely related together:
• ·         Certificate and CA management tools
• ·         Certification Authority (CA)
• ·         Registration Authority (RA)
• ·         Validation Authority (VA)
• ·         Attribute Authority (AA)
• ·         Attribute Certificates
• ·         Certificate Template
• ·         Digital Certificate
• ·         PKI enabled applications and services