===== Public Key Infrastructure (PKI) =====
[[dido:public:ra:xapend:xapend.a_glossary:start| Return to Glossary ]]

A **Public Key Infrastructure (PKI)** supports the distribution, revocation and [[dido:public:ra:xapend:xapend.a_glossary:v:vendorlockin|verification]] of public [[dido:public:ra:xapend:xapend.a_glossary:k:key|keys]] used for [[dido:public:ra:xapend:xapend.a_glossary:p:pki]] [[dido:public:ra:xapend:xapend.a_glossary:e:encryption|encryption]], and enables linking of identities with [[dido:public:ra:xapend:xapend.a_glossary:p:public_key|Public Key]] certificates. A PKI enables users and systems to securely exchange data over the [[dido:public:ra:xapend:xapend.a_glossary:i:internet|internet]] and verify the legitimacy of certificate-holding entities, such as webservers, other authenticated servers and individuals. The PKI enables users to authenticate [[Digital Certificate]] holders, as well as to mediate the process of certificate revocation, using cryptographic algorithms to secure the process.

PKI certificates include a [[dido:public:ra:xapend:xapend.a_glossary:p:public_key]] used for encryption and cryptographic [[dido:public:ra:xapend:xapend.a_glossary:a:authentication|authentication]] of data sent to or from the [[dido:public:ra:xapend:xapend.a_glossary:e:entity|entity]] that was issued the certificate. Other information included in a PKI certificate includes identifying information about the certificate holder, about the PKI that issued the certificate, and other data including the certificate's creation date and validity period.

Source: [[https://searchsecurity.techtarget.com/definition/PKI]]