CISSP For Dummies
A Public Key Infrastructure (PKI) is an arrangement whereby a central authority is used to store encryption keys or certificates associated with users and systems, thereby enabling secure communications through the integration of digital signatures, digital certificates, and other services necessary to ensure confidentiality, integrity, authentication, non-repudiation, and access control.
Instant Answer: The four basic components of a PKI are the Certification Authority, Registration Authority, Repository, and Archive:
- Certification Authority (CA): The Certification Authority (CA) comprises hardware, software, and the personnel administering the PKI. The CA issues certificates, maintains and publishes status information and Certificate Revocation Lists (CRLs), and maintains archives.
- Registration Authority (RA): The Registration Authority (RA) also comprises hardware, software, and the personnel administering the PKI. It’s responsible for verifying certificate contents for the CA.
- Repository: A repository is a system that accepts certificates and CRLs from a CA and distributes them to authorized parties.
- Archive: An archive is responsible for long-term storage of archived information from the CA.
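
The component roles above, walked through with the OpenSSL command-line tool as an added example that is not from the book: a throwaway CA issues a certificate after an RA-style check of the request, publishes it with a CRL to a repository directory, then revokes it and republishes the CRL. The use of `openssl`, the directories `repo/` and `archive/`, and the names `Demo Root CA` and `host.example.test` are assumptions made for illustration.

```shell
# Added example: throwaway PKI in a temp dir; every name here is constructed.
pki_demo() {
  d=$(mktemp -d) || return 2
  ( cd "$d" && mkdir repo archive && : > index.txt && echo 01 > serial || exit 2
    cat > ca.cnf <<'EOF'
[ req ]
distinguished_name = dn
x509_extensions = v3_ca
[ dn ]
commonName = Common Name
[ v3_ca ]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[ ca ]
default_ca = demo_ca
[ demo_ca ]
database = index.txt
serial = serial
new_certs_dir = archive
certificate = ca.pem
private_key = ca.key
default_md = sha256
policy = any
[ any ]
commonName = supplied
EOF
    q() { "$@" >/dev/null 2>&1; }  # run quietly, keep the exit status
    # CA: self-signed root key and certificate.
    q openssl req -x509 -config ca.cnf -newkey rsa:2048 -nodes -days 30 \
      -keyout ca.key -out ca.pem -subj "/CN=Demo Root CA" || exit 2
    # Subscriber: key pair and certificate signing request (CSR).
    q openssl req -new -config ca.cnf -newkey rsa:2048 -nodes \
      -keyout ee.key -out ee.csr -subj "/CN=host.example.test" || exit 2
    # RA: check the CSR signature and the requested name before the CA signs.
    q openssl req -config ca.cnf -in ee.csr -noout -verify || exit 2
    openssl req -config ca.cnf -in ee.csr -noout -subject 2>/dev/null | grep -q 'host\.example\.test' || exit 2
    # CA: issue (its own copy goes to archive/), publish cert and CRL in repo/.
    q openssl ca -batch -config ca.cnf -days 30 -notext -in ee.csr -out repo/ee.pem || exit 2
    cp ca.pem repo/ && q openssl ca -config ca.cnf -gencrl -crldays 7 -out repo/crl.pem || exit 2
    # Relying party: validate the chain and consult the published CRL.
    check() { q openssl verify -crl_check -CAfile repo/ca.pem -CRLfile repo/crl.pem repo/ee.pem; }
    check && before=valid || before=rejected
    # CA: revoke and republish the CRL; the relying party checks again.
    q openssl ca -config ca.cnf -revoke repo/ee.pem || exit 2
    q openssl ca -config ca.cnf -gencrl -crldays 7 -out repo/crl.pem || exit 2
    check && after=valid || after=revoked
    echo "before=$before after=$after"; [ "$before$after" = validrevoked ] )
  rc=$?; rm -rf "$d"; return $rc
}
pki_demo
```

The certificate itself is unchanged by revocation; only the CRL fetched from the repository tells the relying party to reject it, which is why a verifier that skips the CRL check would still accept it.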