Public Key Infrastructure (PKI)
PKI
A system of hardware, software, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and public‑key pairs.
#crypto#nist#rfc#x509
Last updated: 2025-08-22T00:00:00.000Z
Differences across sources
Parallel sources use distinct terminology or emphasize different aspects.
Review each citation to understand scope and normative intent.
Evidence
NIST NIST SP 800-57 Part 1 Rev. 5 (2020-05) Normative evidence
An infrastructure that supports the management of public keys for cryptography.
RFC RFC 5280 (Internet X.509 Public Key Infrastructure Certificate and CRL Profile) (2008-05) Normative evidence
Specifies the profile for X.509 public key certificates and CRLs for use in the Internet.
Mappings
CISSP Domain 3
Examples
Enterprise TLS Certificates
Organization‑wide issuance and renewal of server certificates via an internal CA or ACME‑integrated external CA.
More context
PKI binds public keys to identities via certificates signed by trusted Certificate Authorities (CAs). Certificate status is managed via CRLs or OCSP; modern automation often uses ACME.