Public-Key Infrastructure (PKI) is the infrastructure needed to support asymmetric cryptography. At a minimum, this includes the structure and services needed to do the following:
• Register and verify identities,
• Build and store credentials,
• Certify the credentials (issue digital certificates),
• Disseminate the public key, and
• Secure the private key and yet make it available for use.
The infrastructure will also need to have the structure and services to renew keys, recover keys, and to notify others when a key is revoked.
A set of highly trusted certification authorities must be able to certify other CAs, this includes being able to make and assert decisions based on use and policy.
In addition, the elements of the PKI need to be able to interoperate seamlessly with all of the other elements whether they are within the same organization or not. Since they must provide these services to a wide variety of applications and entities; use of standards is absolutely required.