What is Public Key Infrastructure (PKI)?

Public Key Infrastructure has Several Components

Source: bruckedwards.com

Certificate Authority (CA)

A certificate authority (CA) issues, manages, authenticates, signs and revokes users’ digital certificates. The certificates often contain the user name, public key, and other identifying information. Certificate authorities are responsible for issuing digital certificates to individuals seeking to encrypt information in a secure manner. These organizations provide authentication to individuals and companies by validating the identity of each party in an Internet transaction. Without certificate authorities, internet users lose the ability to ensure privacy and connect information with authorized individuals. CAs function as the formal entity responsible for protecting information and distributing certificates and keys to requesting individuals and organizations.

Registration authority (RA)

A registration authority (RA) handles certification functions such as verifying registration information, generating end-user keys, revoking certificates, and validating user certificates, in collaboration with the CA. Before a certificate authority can verify a request, the registration authority must evaluate it in order to verify user information and distribute keys. RAs ensure the privacy, integrity and authorization of information before submitting requests for verification by certificate authorities. RAs function as the collaborating portion of the CA, responsible for providing an initial assessment of information before its final verification by CAs.

Certificate Directories

Certificate directories are central locations for certificate storage that provide a single access point for administration and distribution. Once a certificate authority has verified information and is ready to distribute keys, it places certificates in a database that users can access in preparation for sending secure messages to other internet users. Certificate directories function as the storage and retrieval component of the PKI process, which serves as an ongoing resource for requesting parties who seek to share certificates with other parties receiving private information.

Management Protocols

Management protocols organize and manage communications among CAs, RAs, and end users. This includes the procedures for setting up new users, issuing keys, recovering keys, revoking keys, and enabling the transfer of certificates and status information among the parties involved in the PKI’s area of authority. Management protocols refer to the processes used to identify the parties requesting certificates as well as the handling of distributing certificates and keys. Management protocols provide an efficient method of ensuring the privacy of information before it’s distributed to the requesting parties. Management protocols function as the ongoing procedures required in order to ensure the protection of information by requesting parties.
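
The roles described above (CA, RA, certificate directory, and the issue/revoke/status steps of a management protocol) can be walked through with the openssl command line. This is an added example, not part of the original article; the names "Demo Root CA" and "alice.example", the file names and the minimal ca.cnf are constructed for the demo.

```shell
#!/bin/sh
# Added illustration: one certificate's life cycle across the PKI roles.
# Every name and file here is constructed; nothing is left on disk.
pki_demo() (
  d=$(mktemp -d) && cd "$d" || exit 1
  trap 'rm -rf "$d"' EXIT
  exec 3>&1 >/dev/null 2>&1          # keep openssl quiet; fd 3 = result

  # CA: self-signed root certificate and its signing key.
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
    -subj "/CN=Demo Root CA" -keyout ca.key -out ca.pem || exit 1

  # End user: key pair plus a certificate signing request (CSR).
  openssl req -new -newkey rsa:2048 -nodes \
    -subj "/CN=alice.example" -keyout user.key -out user.csr || exit 1

  # RA: initial assessment before the CA signs anything. Check the CSR's
  # self-signature (proof the requester holds the private key) and that
  # the requested name is the one that was registered.
  openssl req -in user.csr -noout -verify || exit 1
  openssl req -in user.csr -noout -subject -nameopt RFC2253 |
    grep -q 'CN=alice.example$' || exit 1

  # CA: sign the vetted request, binding the name to the public key.
  openssl x509 -req -in user.csr -CA ca.pem -CAkey ca.key \
    -set_serial 0x1001 -days 7 -out user.pem || exit 1

  # Certificate directory: single place where certificates and status
  # information (the CRL) are published for relying parties.
  mkdir directory && cp user.pem directory/alice.example.pem || exit 1

  # Relying party: validate the published certificate against the CA.
  openssl verify -CAfile ca.pem directory/alice.example.pem \
    && issued=valid || issued=invalid

  # CA: revoke the certificate and publish a signed revocation list.
  printf '%s\n' '[ca]' 'default_ca=demo' '[demo]' 'database=index.txt' \
    'default_md=sha256' 'default_crl_days=7' > ca.cnf
  : > index.txt
  openssl ca -config ca.cnf -keyfile ca.key -cert ca.pem \
    -revoke user.pem || exit 1
  openssl ca -config ca.cnf -keyfile ca.key -cert ca.pem \
    -gencrl -out directory/ca.crl || exit 1

  # Relying party: same certificate, now checked against the CRL.
  openssl verify -crl_check -CAfile ca.pem -CRLfile directory/ca.crl \
    directory/alice.example.pem && revoked=accepted || revoked=rejected

  echo "issued=$issued revoked=$revoked" >&3
)
pki_demo   # prints: issued=valid revoked=rejected
```

The second verification fails only because the relying party asked for a revocation check; without -crl_check the revoked certificate would still validate, which is why status distribution is part of the management protocol.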

Policies and Procedures

Policies and procedures assist an organization in the application and management of certificates, in the formalization of legal liabilities and limitations, and in actual business use. Throughout the entire process of providing certificates, CAs and RAs conduct procedures and adhere to policies which ensure the privacy and integrity of information. Policies and procedures set the CAs’ and RAs’ responsibilities for protecting information from threats as well as enforcing the appropriate distribution of keys and certificates. Policies and procedures function as the framework in which CAs and RAs provide identity verification, encryption, and distribution of keys for any requesting individual or organization.
