PKI

Understanding PKI

Public Key Infrastructure provides the framework for managing digital certificates and public keys. It enables secure communication, authentication, and data integrity across untrusted networks.

PKI Components

• Certificate Authority (CA) — Issues and manages digital certificates.
• Registration Authority (RA) — Verifies identity before certificate issuance.
• Certificate Revocation — CRL and OCSP for revoking compromised certificates.
• Certificate Lifecycle — Issuance, renewal, revocation, and archival.

PKI in Signando

All Signando ALGs use mutual TLS for inter-component communication. Each component has its own certificate, and the PKI hierarchy ensures that only authorized components can communicate.