A PKI Glossary of terms and definitions covering some of the most common topics in a Public Key Infrastructure.
Short PKI Glossary:
PKI – A public key infrastructure provides a way to encrypt the web with digital certificates and manage the life cycle of the certificates, including enrollment, revocation, and expiration.
HTTPS – HTTPS is the secure version of the HTTP protocol, providing encryption of HTTP traffic with digital certificates issued by a PKI.
SSL – The Secure Sockets Layer is a standard for providing encryption between two entities (client and server). It is the protocol that secures HTTP, giving HTTPS.
TLS – Transport Layer Security is the successor to, and most recent version of, the SSL standard/protocol.
Encryption – Encryption is simply the translation of plain text data into secret data. Asymmetric encryption (using a public and private key pair) is used by PKI to encrypt the web. Symmetric encryption, on the other hand, uses one shared secret key to both encrypt and decrypt data.
Digital Certificate – A digital certificate, most commonly an X.509 certificate, is issued by a Certification Authority (CA) and contains the public key of a key pair. The certificate is installed on web servers or in client code, depending on the use case, and can be used to identify a server or for client authentication.
Certification Authority – In simple terms, a Certification Authority (CA) is an entity that issues digital certificates. Many CAs are publicly trusted, but many others are private CAs used for in-house purposes that do not rely on external public trust.