If Alice and Bob each know their own private key and the other's public
key, they can communicate securely through any number of public-key based
protocols such as IPSec [1], PGP [2], S/MIME [3], or SSL [4]. However, how
do they know each other's public keys? The goal of a public key
infrastructure (PKI) is to enable secure, convenient, and efficient
discovery of public keys. It should be applicable within as well as between
organizations, and scalable to support the Internet. There are various
types of PKI that are widely deployed or have been proposed. They differ in
the configuration information required, trust rules, and flexibility. There
are standards such as X.509 [5] and PKIX [6], but these are sufficiently
flexible so that almost any model of PKI can be supported. In this article
we describe several types of PKI and discuss the advantages and
disadvantages of each. We argue against several popular and widely deployed
models as being insecure, unscalable, or overly inconvenient. We also
recommend a particular model.