PKI from a business and a technical perspective

This post is just to point you towards the following two documents from the PKI Forum (now OASIS  PKI Member Section).

No need to introduce them by my own, quoting from the later:

Together the two papers provide a concise, vendor neutral introduction to the PKI technology from business and technical perspectives. The audience for this Technical Perspective includes both the businessperson looking for a high level description of the technology and the IT professional who is unfamiliar with PKI concepts. Our goal is to familiarize the reader with the terminology of PKI, the architectural components and how they interact, and the certificate life-cycle management concepts.

And in my personal opinion these documents achieve the previously highlighted sentence maybe better than any other introduction documents around.

The first of them, “PKI Basics – A Business Perspective” appropiately makes reference to the legislation being built around digital signatures, a crucial aspect for business.

The use of digital signatures is supported by recent legislative actions that provide credibility to the concept of electronic signatures and recognition to the need for such a capability. The U.S. E-Sign Law, passed in 2000, and the EU Digital Signature Law, passed in 2001, are examples of this trend.

This document emphasizes too that the usage of this service for an end user shouldn’t require an in-depth knowledge about how it works, something commonly being forgotten in PKI related projects.

As with the service of electricity, the user does not need to understand how it is provided but rather that it can be relied upon to deliver.

Finally, the same happens with “PKI Basics – A Technical Perspective”, which provides detailed concepts for all the parts that compose a PKI.

For sure, both of them are good reading for someone getting into PKI.

Leave a Reply

Your email address will not be published. Required fields are marked *