Talk:Public key infrastructure: Difference between revisions

Template:CryptographyReader

Example of Use

There should be a statement of use in the summary statement. It would be even better if there was an example of use given in the summary. Stephen Charles Thompson (talk) 00:33, 26 October 2008 (UTC)

should there be some examples of use outside strict computer-computer communication? - eg electronic passports are signed for verification purposes-- http://www.dfat.gov.au/dept/passports/ and the australian passport uses encryption in 2 ways, 1 to sign the info on there (so you know its a genuine passport) and the other is a written internal key which is needed to decode the rfid data from the chip in the card. 130.102.0.171 (talk) 02:01, 3 February 2009 (UTC)

Diagrams

• Add some diagrams, maybe something like [1], [2], [3]?

If you wish, you may use the material at [4] for this - we've tried to make it "non-sales" literature, and we can grant use of it to Wikipedia. - Ppatters 19:55, 31 December 2006 (UTC)

Ppatters, you have to release those materials to the public domain then upload it. Stephen Charles Thompson (talk) 00:36, 26 October 2008 (UTC)

It occurs to me that some vendor references might be pertinent, i.e., PKI Innovations Inc. (http://www.pk3i.com).

---

Matt, The use of computing that you cut was the result of some cogitation. I was trying to make clear in the wording that there are multiple uses, not merely in overt crypto or overt computer security. PKIs are hidden from view in many contexts and not all of them are either. For instance, copyright protection is commercial and would use squirrels if there were any prospect of it working. That it uses (or misuses, misapplies, goofs badly, ...) crypto, and claims to be a computer security issue is another thing altogether. The point was worth making, though perhaps it was made too covertly. Have you a suggestion? ww 19:50, 14 Jul 2004 (UTC)

The real purpose of putting "In field F, ..." at the start of articles is to provide the reader with some context about what general domain he's reading about. If the clause is too wordy, then I think it lessens the usefulness. — Matt 20:04, 14 Jul 2004 (UTC)

---

If PKIX is to be merged with anything, it needs to be merged with X.509 not Public_key_infrastructure, because X.509 is a subset of Public_key_infrastructure and PKIX is related entirely to the subset rather than the set. Stuartyeates 07:10, 30 May 2006 (UTC)

---

added external link

I added a link to a FAQ at Entrust website, which presents a useful overview of a PKI. At least I appreciated it as an engineering student, it doesn't have the purpose of advertise a company instead of one another (by the way, I know nothing about their products). carlo —Preceding unsigned comment added by 83.184.183.81 (talk • contribs) 08:24, 26 June 2006

diagram

Diagram has no description, RA and VA are not referenced in the article. Also the order of arrows would be unclear to novice reader. Maybe someone could help? Gryszkalis 11:21, 20 October 2007 (UTC)

Here is a german version of the diagram with editable texts. --Bananenfalter (talk) 19:18, 15 June 2012 (UTC)

Plagiarism?

Do slides 14-17 from the following URL seem awfully familiar when reading the "PKI Software" section of this article?

http://ocw.kfupm.edu.sa/user062/CSE55101/KeyM.pdf

What is the usual course of action in this case?

Also, I think some of these products do not exist anymore (e.g. CyberTrust TrustedCA)...or never existed.

Karl Wiegand (talk) 00:56, 27 December 2007 (UTC)

Well, it's not clear which cis original. I would suspect the slides are preped from the wikipedia page though, as the section was added 1st March 2007, nearly 3 months before the slides are dated. RobbieAB (talk) 02:51, 2 April 2008 (UTC)aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

"bind" should be more prominent.

Over the past year, when trying to explain digital security and digital certificates, I've found people stumble until they grasp the concept of BINDING a digital certificate to a person's identity. This article makes the point very early, which is good, but I think you should make it much more emphatically. ie bold, linked to a detailed explanation, etc.

Richard. —Preceding unsigned comment added by Richardh9935 (talk • contribs) 01:41, 2 July 2008 (UTC)

'VA' ?

In the diagram on the page is an object called 'VA', but this term is not explained or referenced to in the main text. 77.63.71.8 (talk) 10:52, 20 October 2008 (UTC)

---

It probably stands for Validation Authority AH, S+

A Question

Hi. Do you know any free, gpl or open source software, for Windows XP or platform-independent, that shows me all the certificates installed on my machine, in something like a "who-certificates-whom" (certificate dependencies) graphical tree?

(Or, in case you don't know any software like this, do you know any good source or site where I could ask?)

Thank you very much. --Faustnh (talk) 16:16, 28 March 2009 (UTC)

Simplified Intro

As a result of feedback from Skippydo I have simplified the opening (introductory) section. It now contains only a statement of the problem and an un-jargon-ized context statement. I think this goes some way toward reducing the problem of examples of use, since the goal of any encyclopedia article is to reach a wide audience, which I take to be the real reason for examples.

Diagrams likewise. I've left the dia in, even though it's not well integrated, since it helps a wide audience. You don't have to understand a dia completely to get some help from it.

I've removed the word 'bind' although not the idea. 'Bind' is in vogue right now, and therefore, it has acquired a variety of metaphorical meanings: map, instantiate, allocate, control. I thought it better to explain in plain English.

I created a section for the CA approach to authentication. Hopefully, new material on that topic will be put there. Akurn (talk) 21:32, 16 October 2009 (UTC)

In my opinion, you have completely trashed the intro. PK cryptography enables secure communication between systems as well as individuals; it provides security without regard to whether there is actually an attacker or not. NO SUPPORT IS NEEDED??? Please explain how you expect to revoke a compromised key? The article title is 'Public Key Infrastructure' and should talk about the infrastructure. The intro was fine like it was. Please fix these deficiencies or revert.Jarhed (talk) 08:09, 30 October 2009 (UTC)

Not only for users

• Reading your introduction gives the feeling that a user identity refers only to a person as digital certificates are meant for wider usage.
• The Validation Authority (VA) is still not referred

Clark Gabler / March 2011 —Preceding unsigned comment added by 212.23.234.250 (talk) 15:08, 4 March 2011 (UTC)

If a digital cert can be issued to a corporate entity, that needs to be described in the article.Jarhed (talk) 23:00, 15 June 2011 (UTC)

File:Public-Key-Infrastructure.svg needs a do-over

Can we please get something a little less hokey? 209.217.100.70 (talk) 17:26, 23 April 2012 (UTC)

Maybe something from the Bananenfalter (who did such excellent work as commons:Category:Orange_blue_cryptography_diagrams 209.217.100.70 (talk) 17:29, 23 April 2012 (UTC)

Took me some time, but now it’s done. See the category mentioned above. --Bananenfalter (talk) 19:20, 15 June 2012 (UTC)

PKA redirects here and I believe that's incorrect

PKA (Public Key Authentication) is related to PKI, but lacks certificates or an Infrastructure for validating certificates. I see that PKA can also be an acronym for Public Key Authority, which may be another name for PKI, but that should be made clear on the disambiguation page.

I'm not bold enough to edit the articles at this point, because I admit I might be right about some of these issues. JordanHenderson (talk) 14:00, 17 September 2012 (UTC)