
Framework of certificates, CAs, trust stores, issuance, validation, and revocation for public-key identity.

Definition

PKI includes certificate authorities, issuance policies, trust stores, validation rules, and revocation. It underpins TLS and code signing.

In plain English: Framework of certificates, CAs, trust stores, issuance, validation, and revocation for public-key identity.

Why this matters

Weak PKI (bad validation or compromised CAs) can enable MITM and impersonation.

Example

Enforce strict validation, monitor issuance, and use short-lived certs with automated renewal.
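
An added example, not part of the original glossary entry: a Python sketch of two of the practices above, strict validation in a TLS client and a renewal check for short-lived certificates. The function names, the two-thirds renewal threshold, and the sample dates are assumptions chosen for illustration.

```python
import ssl
from datetime import datetime, timedelta, timezone


def strict_client_context() -> ssl.SSLContext:
    """Client context that validates the chain against the system trust store."""
    # create_default_context() sets CERT_REQUIRED and check_hostname=True.
    return ssl.create_default_context()


def weak_client_context() -> ssl.SSLContext:
    """The misconfiguration to look for: validation switched off."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # must be cleared before CERT_NONE is allowed
    ctx.verify_mode = ssl.CERT_NONE  # any certificate is accepted
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list:
    """Return the validation weaknesses found in a client context."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("chain validation disabled (verify_mode is not CERT_REQUIRED)")
    if not ctx.check_hostname:
        findings.append("hostname verification disabled (check_hostname is False)")
    return findings


def renewal_due(not_before: datetime, not_after: datetime,
                now: datetime, fraction: float = 2 / 3) -> bool:
    """True once `fraction` of the certificate lifetime has elapsed.

    The two-thirds default is an assumed policy, not a value from the page.
    """
    lifetime = not_after - not_before
    return now >= not_before + lifetime * fraction


if __name__ == "__main__":
    print("strict:", audit_context(strict_client_context()))
    print("weak:  ", audit_context(weak_client_context()))
    # Constructed sample: a 90-day certificate issued on 2024-01-01 UTC.
    issued = datetime(2024, 1, 1, tzinfo=timezone.utc)
    expires = issued + timedelta(days=90)
    for day in (30, 75):
        print(f"day {day}: renew =", renewal_due(issued, expires, issued + timedelta(days=day)))
```

An automated renewal job would call `renewal_due` on a schedule and request a new certificate when it returns `True`; monitoring issuance is outside what this sketch covers.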