Where is PKI (Public Key Infrastructure) used?
Web security: PKI increases web security by offering server authentication, which enables client systems to validate that the server they communicate with is indeed the intended sever. Without this information, it is possible for people to place themselves between the client and the server and intercept client data by pretending to be the server. PKI also offers client authentication, which validates the client’s identity.
Digital signatures: Digital signatures are the electronic equivalent of a sealed envelope and are intended to ensure that a file has not been altered in transit. Any file with a digital signature is used to verify not only the publishers of the content or file, but also to verify the content integrity at the time of download. On the network, PKI enables you to issue certificates to internal developers/contractors and enables any employee to verify the origin and integrity of downloaded applications.
Secure email: Some of the information sent via email is not sensitive and does not need security, but for communications that contain sensitive data, a method is needed to secure email content. PKI can be deployed as a method for securing email transactions. In application, a private key is used to digitally sign outgoing emails, and the sender’s certificate is sent with the email so that the recipient of the email can verify the sender’s signature.