Public-Key Infrastructure (PKI)

When using public-key cryptography, one common problem is this: how can a client ensure that the server is who it claims to be?

In theory, a malicious party could generate a second keypair and present its public key to us, which we would then use to encrypt the data we send. Even though the data is encrypted, it can still be sent to the wrong party, who would then be able to decrypt it with their private key. To ensure the client is talking to the server it expects, we can make use of certificates.

Certificates

Certificates are digital documents that bind a public key to a specific entity. Clients use them for authentication purposes.

Certificates can have different formats, but X.509 is a common standard that defines the format used by protocols such as TLS.

X.509 certificate

An X.509 certificate contains a public key and the identity of the entity to which this public key belongs. This identity is represented by a so-called distinguished name, which uniquely identifies the entity and consists of various attributes, such as a common name, an organization name, a locality name, etc.

Note: The values for each of these fields can differ for each use case.

When TLS certificates are used for websites, the common name is populated with the domain name of the website, so the certificate binds a public key to a specific domain name.

Certificate issuance

Certificates are issued by specific organizations, called certificate authorities, which sign them in order to attest that the public key belongs to the associated entity.

Note: Before signing the certificates, the certificate authority first verifies the identity of the party that makes the request.

A certificate authority can issue a web certificate after asking the requesting party to prove that it controls the associated domain, e.g., by uploading specific content to a website served by that domain.

Certificate chain

Certificate authorities also generate certificates for their own public keys; these are signed with their own private key and are known as self-signed certificates. As a result, certificate authorities act as trusted third parties, trusted both by the owner and by the users of a certificate. Things get more complicated when a certificate authority issues a certificate for the public key of another certificate authority, which then uses it to issue further certificates. In this case, the certificates form a certificate chain, as shown in the following illustration:

The certificate at the bottom of the chain is known as the target certificate, and the certificate at the top of the chain is known as the root certificate.

A certificate chain is used to ensure that the public key and other metadata contained in the target certificate belong to its subject. This holds only when the certificate chain is valid.

Rules for a certificate chain to be valid

A valid certificate chain must comply with the following rules:

  • The issuer of each certificate (except the root) must match the subject of the next certificate in the chain.
  • Each certificate (except the root) must also be signed with the private key corresponding to the next certificate in the chain, i.e., its signature must verify successfully under the public key in the next certificate.
  • The root certificate must be signed by an entity the application trusts; that is why it is also known as a trust anchor. For this purpose, applications are typically given a list of trusted root certificates through various mechanisms, e.g., web browsers ship with a predetermined set of pre-installed root certificates, so TLS certificates issued by major certificate authorities work immediately.
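The three rules above, applied in code. This is an added example, not code from the original page: it uses Go's standard crypto/x509 package, a hypothetical helper issue that mints constructed root, intermediate and leaf certificates, and a ValidateChain function (both names are assumptions) that checks issuer/subject matching, signature verification under the next public key, and membership of the root in the configured trust anchors.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue mints a constructed certificate for cn signed by parentKey (nil parent: self-signed root).
func issue(cn string, ca bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour), IsCA: ca, BasicConstraintsValid: true}
	if parent == nil {
		parent, parentKey = tmpl, key // self-signed: the certificate is its own issuer
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// ValidateChain applies the three rules to chain[0] (target) ... chain[n-1] (root); no date or revocation checks.
func ValidateChain(chain, anchors []*x509.Certificate) error {
	if len(chain) == 0 {
		return fmt.Errorf("empty chain")
	}
	for i, next := range chain[1:] { // chain[i] claims to be issued by next
		if !bytes.Equal(chain[i].RawIssuer, next.RawSubject) { // rule 1: issuer must equal the next subject
			return fmt.Errorf("rule 1: issuer of %q is not %q", chain[i].Subject.CommonName, next.Subject.CommonName)
		}
		if err := chain[i].CheckSignatureFrom(next); err != nil { // rule 2: signature verifies with next's key
			return fmt.Errorf("rule 2: signature on %q: %w", chain[i].Subject.CommonName, err)
		}
	}
	for _, a := range anchors { // rule 3: the root must be one of the configured trust anchors
		if bytes.Equal(chain[len(chain)-1].Raw, a.Raw) {
			return nil
		}
	}
	return fmt.Errorf("rule 3: root %q is not a trust anchor", chain[len(chain)-1].Subject.CommonName)
}
```

Mint a chain with issue and pass it target-first, e.g. {leaf, intermediate, root}, together with the trusted roots; an intermediate minted by a different CA under the same subject name passes rule 1 but fails rule 2, which is why name matching alone never suffices.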

The list of trusted root certificates is curated to include only trustworthy organizations. For example, in some cases certificate authorities have failed to operate securely and, as a result, were removed from these lists.

Mechanisms to revoke certificates

Certificate authorities provide various mechanisms to revoke certificates when the private key of the associated entity is compromised. Some of these mechanisms are:

  • Certificate revocation lists (CRLs)
  • The Online Certificate Status Protocol (OCSP)

This whole system for managing the creation, storage, and distribution of digital certificates is known as a public key infrastructure (PKI).
