Public Key Infrastructure

PublicKeyInfrastructure (PKI) is a security mechanism often used in WebServices Implementations. Its use is also common in the setup of SecureSocketsLayer implementations (Layer 7 of OpenSystemsInterconnect model)

Introductory concepts
WebServices concerns
Self signed Certificate Authority
PKI and SSL (SecureSocketsLayer)

SSL was designed for synchronous transactions and everything is encrypted. These characteristics made its use inappropriate for WebServices.

With adoption of OasisOrganization WebServicesSecurity (WSS) specification, PKI implementation become common amongst vendor products. This is because use of PKI mechanisms enabled easier "roll-your-own" SSL like mechanisms (with fine grained encryption and authentication) that conform with WSS and upcoming WS-SecureConversation, WS-Trust.

There exists a risk that has to be managed, due to vagueness in the application of the standards concerned.

Reading Material

Ten things I wish they warned me about PKI
Introduction to W2K PKI

CategorySecurity