SecAppDev 2019 has ended
Wednesday, February 20 • 14:00 - 15:30
Public Key Infrastructure (PKI) fundamentals

PKIs ensure the secure delivery and management of public keys. One example is the ecosystem supporting HTTPS, but PKIs are also used in payment systems (EMV) or intranets. This session covers how to manage keys, certificates, and revocation.

The function of a Public Key Infrastructure (PKI) is to ensure secure delivery and management of public keys. The most widely used PKI is the ecosystem supporting HTTPS. This ecosystem heavily depends on certificate authorities to ensure the validity of a certificate, but alternative trust models exist as well. In fact, different trust models lead to different key architectures.

In this session, you will discover what is needed to build and deploy a PKI. At its core, a PKI is about publishing public keys using digitally signed certificates. However, when a private key may be compromised, you also need to be able to revoke a certificate. As history has shown us, revocation is harder than you may imagine. We explore a couple of alternatives, including Certificate Revocation Lists (CRLs) and the Online Certificate Status Protocol (OCSP). In the end, you will understand how public PKIs work. You will also have a list of requirements and best practices for setting up a private PKI system.

This session is intended for anyone building, designing or securing applications.


Bart Preneel

Full professor, KU Leuven

Wednesday February 20, 2019 14:00 - 15:30 CET
Main building (room Lemaire)