Term · 13. Cryptography & Signatures

Public Key Infrastructure PKI

Technology Source: RFC 5280 (X.509)

AuthN Standards IETF / RFC NIST Introduced by: Big4 (Deloitte / PwC / EY / KPMG)

Definition

Public Key Infrastructure (PKI) — distributed system of services, components, and policies supporting cryptographic operations based on public/private key pairs. Includes Certificate Authority (CA), Registration Authority (RA), repositories (CRL/OCSP), end-entity certificates. Core standard — X.509 v3 (RFC 5280).

Sources

RFC 5280 — X.509 Public Key Infrastructure primary source

Related terms

Kerberos

Network authentication protocol developed at MIT (Kerberos v5: IETF RFC 4120, 2005) using symmetric-key cryptography and …
DPoP (Demonstration of Proof of Possession) (DPoP)

Demonstration of Proof-of-Possession — IETF RFC 9449, OAuth 2.0 mechanism binding an access token to a private key held …
mTLS (mutual TLS) (mTLS)

Mutual TLS — both client and server authenticate each other via certificates during TLS handshake. RFC 8705 specifies OA …
OpenID Connect (OIDC)

Identity layer on top of OAuth 2.0 (OpenID Foundation, OIDC Core 1.0). Provides standardized authentication via JWT ID t …
FAPI 2.0 (Financial-grade API) (FAPI 2.0)

OpenID Foundation Financial-grade API Security Profile 2.0 — high-security authorization profile for financial APIs (ope …
OAuth 2.1 (OAuth 2.1)

IETF draft consolidating OAuth 2.0 (RFC 6749) with security best practices and deprecating insecure patterns: removes im …

← Back to glossary · Open in main list