Planning for PKI: Best Practices Guide for Deploying Public Key Infrastructure / Edition 1


An in-depth technical guide on the security technology driving Internet e-commerce expansion.
"Planning for PKI" examines the number-one Internet security technology that will be widely adopted in the next two years. Written by two of the architects of the Internet PKI standards, this book provides authoritative technical guidance for network engineers, architects, and managers who need to implement the right PKI architecture for their organization. The authors discuss results and lessons learned from early PKI pilots, helping readers evaluate PKI deployment impact on current network architecture while avoiding the pitfalls of early technical mistakes. Four technical case studies detail the do's and don'ts of PKI implementation, illustrating both successes and failures of different deployments. Readers will also learn how to leverage future PKI-related technologies for additional benefits.


Editorial Reviews

From the Publisher
"Rather than being an abstract academic text, the authors, Russ Housley and Tim Polk, write from years of practical experience. Housley is the Chief Scientist for Spyrus, and Polk is the technical lead for PKI at NIST. At a little over 300 pages, Planning for PKI is a valuable reference to the workings of PKI."
-- Ben Rothke (5/7/01)
Housley, a scientist developing computer security products, and Polk, the technical lead for public key infrastructure at the US National Institute of Standards and Technology, explain how to deploy, operate, and maintain a major component of current network security solutions. Citing case studies of pioneering implementations, they illustrate its use in securing electronic business communications and transactions. Annotation (c) Book News, Inc., Portland, OR

Product Details

  • ISBN-13: 9780471397021
  • Publisher: Wiley
  • Publication date: 3/27/2001
  • Series: Networking Council Series , #17
  • Edition number: 1
  • Pages: 352
  • Product dimensions: 9.25 (w) x 7.50 (h) x 0.72 (d)

Meet the Author

RUSS HOUSLEY is Chief Scientist for SPYRUS, a leading provider of security products. He has contributed to the development of many standards, including PKIX Part 1, S/MIME, and MSP, the security cornerstone of the U.S. Defense Message System. He is a member of the President's Export Council Subcommittee on Encryption, and chair of the IETF S/MIME Working Group.
TIM POLK is the technical lead for PKI at the National Institute of Standards and Technology (NIST). He has participated in federal PKI projects, such as the Federal Bridge CA project, since 1995. He has contributed to the development of many standards including PKIX Part 1. He is currently the co-chair of the IETF PKIX Working Group.

Read an Excerpt

3. PKI Basics

Chapter 2, "Cryptography Primer," left us with the promise of public key cryptography and some unresolved problems. First and foremost, before Alice can use a public key, she needs to know who has the corresponding private key. When Alice verifies a signature, she is confirming (or denying) that Bob signed the message. If someone else has the corresponding private key, he or she sent the message, not Bob. When Alice encrypts her response to Bob, she needs to be sure that only Bob can read it. If Bob does not have the corresponding private key, he will not be able to decrypt the response.

Alice also needs to know what applications are appropriate for Bob's key. Perhaps Bob's key should only be used to sign or encrypt electronic mail, but not to sign contracts. Finally, she needs a solution that will be scalable. That is, the solution must continue to work for Alice if she communicates with hundreds of people instead of just Bob.

This chapter introduces the basic tools of a PKI in a rather abstract fashion. There are two basic tools used in a PKI to determine who has a private key: the public key certificate and the certificate revocation list. The former establishes who, and the latter ensures the information is up to date. The basic PKI tool that answers the question of what the key can be used for is the certificate policy. The basic PKI tool for scalability, the tool that lets Alice communicate with hundreds of people, is the certification path.

In Part Two, PKI Details, we will revisit each of these topics in detail, devoting a chapter or more to each.

Simple Certificates

As described in Chapter 2, the basic problem with public key cryptography is determining who holds the corresponding private key. To answer this question, a PKI relies upon the concept of a public key certificate, or simply certificate. A certificate is the most basic element of a PKI. Each certificate contains a public key and identifies the user with the corresponding private key. For example, if Alice has a certificate with Bob's public key, she will know that Bob has the private key.

Certificates are not really a new concept to us. They will resemble a couple of everyday objects in important ways. Those everyday objects are the credit card and the business card. The features of these objects are insufficient, but we will build the "ideal certificate" from their features. Finally, we will describe real public key certificates and contrast them with the ideal certificate.

The Business Card

The business card is inescapable. It is almost impossible to return from a meeting or conference without a handful of these little paper cards. Each card identifies a particular person and provides some additional information about him or her. In general, that information will include the person's employer, telephone number, mailing address, and electronic mail address. Some people print their public key on the card as well, making this the most rudimentary form of a certificate.

Bob can distribute his business card to everyone he meets. By printing his public key on the back of his business card, Bob is declaring that he holds the corresponding private key. (Bob's card is shown in Figure 3.1.) If Alice has Bob's card, she has the public key, and she knows Bob has the private key because his name is on the front of the card. She trusts the information because she obtained it directly from Bob.

There are a number of drawbacks to this type of certificate. The user must receive the business card in person, or the user will have no basis on which to trust it. This is very limiting; all participants must have met face to face. What if Bob and Alice need to work together, but they have never met? Twenty years ago, this may not have been a realistic question, but it is a real problem today. Frequently, project teams are formed that cross geographical and organizational boundaries. There may not be a single person who has personally met every member of the team.

In addition, the information on the business card is all self-proclaimed. Bob has proclaimed that he works for Fox Consulting and that he is the Chief Technical Officer. If all of that information is true, Bob may be the ideal recipient of Alice's wonderful project idea. Of course, "Bob" may have a reason to lie, and anyone with a personal computer can generate business cards! How well does Alice know Bob? Without additional information, Alice can only be sure that the man in the gray suit introduced himself as Mr. Burton and handed her the card.

Alice also can't tell if the card is a forgery or has been altered since she received it. Anyone with a computer and a printer can create a business card. Is it real? People commonly update the information on their cards by hand. Is that Bob's handwriting with the new e-mail address? In most cases, Alice can't be sure.

It is also impossible to retrieve or correct those business cards once they are distributed. This is a problem, since the information on the card may have been true when the card was distributed, but is now false. If Bob loses his private key, it will be very difficult to contact everyone he gave a card to tell them. If the card identifies an organization, the same dilemma emerges at every job change.

Last, but not least, before Alice can use Bob's public key, she needs to type it in. That is no small feat for a 1024-bit key, much less a 2048-bit key!

A business card meets the most basic requirement for a public key certificate: it can contain the public key and identify the user with the corresponding private key. However, Alice should be nervous about implementing security with a certificate that is so easy to forge or alter. In addition, any tool that requires face-to-face meetings and retyping keys is hardly scalable.

The Credit Card

Almost everyone is familiar with the credit card. In general, a credit card does not contain a public key, so it really isn't a certificate at all. However, the basic problem is very similar. In this arena, Alice wants to determine who is associated with an account number. The techniques used to answer that question provide an excellent counterpoint to the model of the business card.

The credit card certainly shares some features with the business card; it includes the name of the cardholder and the account number. If this is a corporate card, it names the company or organization as well. It is missing the contact information (for example, the telephone number and mailing address). However, it has several important features that the business card lacks. The credit card includes the logo of the issuer (for example, VISA, MasterCard, American Express, or Discover). A credit card includes an expiration date. Sometimes it includes a holographic image, and most of the information is in raised letters. Finally, the cardholder has signed it on the back. These features provide some very different properties from those we found in the business card certificates.

First, credit card use is not restricted to parties who have met. Credit cards can be used to purchase items over the Internet or by telephone. The basis for trusting credit cards does not involve the cardholders, so it doesn't matter if they have met. The credit card issuer is proclaiming this information to be true, not the cardholder. People accept the card explicitly because they trust the issuer, not because they trust the cardholder.

There are a number of features to help Alice decide if Bob's credit card issued by Trusty Cards Corporation (Figure 3.2) is genuine in card-present transactions. People can generally tell if a credit card seems legitimate by the look and feel. If the card includes a recognizable hologram, that distinguishing characteristic makes the card more difficult to forge. The cardholder's name, account number, and expiration date are all in raised letters. It would be difficult to change that information once a card has been issued. Alice can look at the signature stripe on the back of the card. The signature is difficult to erase, so a thief would have to duplicate Bob's signature.

The Trusty Cards credit card company cannot retrieve Bob's credit card when the information becomes out of date (for example, when Bob quits paying the bill) any more than Bob can retrieve his out-of-date business cards. However, the credit card's expiration date limits this problem. Issuers recognize up front that the information may not be good forever, so they include an expiration date. After that date, Alice knows not to accept the card. This is not a complete solution, though. Bob may quit paying the bill long before the card expires.

Finally, the credit card includes that magnetic stripe. Instead of typing the information into a computer or sales register, Alice swipes the card through a magnetic stripe reader. All the information she needs is transferred automatically into the system. This is a great improvement over typing the public key that was printed on the business card...
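The four tools named at the start of the chapter (certificate, CRL, certificate policy and certification path) and the two analogies, the self-proclaimed business card and the issuer-vouched, expiring, revocable credit card, are easy to see side by side in working code. The Python model below is an added example written for this page; it is not from the book or its authors. Everything in it is a deliberate simplification and an assumption of this example: textbook RSA with no padding over moduli built from known Mersenne primes (so no prime generation is needed; such keys are trivially factorable and must never be used for anything real), a JSON encoding standing in for X.509's ASN.1, a key-usage list standing in for a full certificate policy, integer YYYYMMDD dates, and the parties Trusty Cards, Fox Consulting and Bob Burton taken from the chapter (the text calls him Mr. Burton; the full name is assumed). `demo()` issues a two-certificate path under a trust anchor, then reproduces each failure the chapter describes: a self-issued "business card" with no trust anchor behind it, an altered certificate, an expired one, a use the key was not approved for, and a certificate revoked after Bob loses his private key.

```python
import hashlib
import json

# Toy RSA helpers. The moduli are products of known Mersenne primes, so the example
# needs no prime generation; that makes the keys trivially factorable, which is fine
# for an illustration and disastrous anywhere else. Textbook RSA, no padding.
M = {k: (1 << k) - 1 for k in (89, 107, 127, 521, 607, 1279)}  # 2**k - 1, all prime

def rsa_key(p, q):
    """Returns ((n, e), (n, d)) for primes p, q; every modulus used below exceeds 2**256."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, 65537), (n, pow(65537, -1, phi))

def digest(obj):
    """Canonical JSON of the to-be-signed fields, hashed to an integer below every modulus."""
    raw = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return int.from_bytes(hashlib.sha256(raw).digest(), "big")

def sign(priv, obj):
    return pow(digest(obj), priv[1], priv[0])

def verify(pub, obj, sig):
    return pow(sig, pub[1], pub[0]) == digest(obj)

def issue_cert(issuer, issuer_priv, subject, subject_pub, serial, not_after, usage):
    """The issuer, not the subject, vouches for the name-to-key binding (the credit-card model)."""
    tbs = {"serial": serial, "issuer": issuer, "subject": subject, "public_key": list(subject_pub),
           "not_after": not_after, "key_usage": sorted(usage)}
    return {"tbs": tbs, "signature": sign(issuer_priv, tbs)}

def issue_crl(issuer, issuer_priv, revoked, next_update):
    tbs = {"issuer": issuer, "revoked": sorted(revoked), "next_update": next_update}
    return {"tbs": tbs, "signature": sign(issuer_priv, tbs)}

def validate_path(path, anchors, crls, today, required_usage):
    """path[0] is the end-entity certificate; path[-1] must be issued by a trust anchor.
    anchors: {name: public_key}; crls: {issuer_name: crl}; dates are YYYYMMDD integers."""
    for i, cert in enumerate(path):
        tbs, issuer = cert["tbs"], cert["tbs"]["issuer"]
        if i + 1 < len(path):            # issuer is the next certificate up the path
            up = path[i + 1]["tbs"]
            if up["subject"] != issuer or "certSign" not in up["key_usage"]:
                return False, f"{issuer} may not issue certificates"
            issuer_pub = tuple(up["public_key"])
        elif issuer in anchors:          # top of the path: a key Alice already trusts
            issuer_pub = anchors[issuer]
        else:                            # self-proclaimed, like a business card: no basis for trust
            return False, f"no trust anchor for {issuer}"
        if not verify(issuer_pub, tbs, cert["signature"]):
            return False, f"bad signature on certificate for {tbs['subject']}"
        if today > tbs["not_after"]:
            return False, f"certificate for {tbs['subject']} expired"
        crl = crls.get(issuer)           # revocation: the issuer's signed, still-current list
        if crl is None or crl["tbs"]["next_update"] < today or not verify(
                issuer_pub, crl["tbs"], crl["signature"]):
            return False, f"no current CRL from {issuer}"
        if tbs["serial"] in crl["tbs"]["revoked"]:
            return False, f"certificate {tbs['serial']} revoked by {issuer}"
    if not set(required_usage) <= set(path[0]["tbs"]["key_usage"]):
        return False, "key not approved for this use"   # policy: what the key may be used for
    return True, "valid"

def demo():
    root_pub, root_priv = rsa_key(M[607], M[127])   # Trusty Cards, Alice's trust anchor
    fox_pub, fox_priv = rsa_key(M[521], M[107])     # Fox Consulting's CA, certified by Trusty Cards
    bob_pub, bob_priv = rsa_key(M[1279], M[89])
    anchors = {"Trusty Cards": root_pub}
    fox = issue_cert("Trusty Cards", root_priv, "Fox Consulting", fox_pub, 5, 20051231, ["certSign"])
    bob = issue_cert("Fox Consulting", fox_priv, "Bob Burton", bob_pub, 17, 20031231, ["email"])
    crls = {"Trusty Cards": issue_crl("Trusty Cards", root_priv, [], 20010701),
            "Fox Consulting": issue_crl("Fox Consulting", fox_priv, [], 20010701)}
    today = 20010615
    out = {"email": validate_path([bob, fox], anchors, crls, today, ["email"]),
           "contract": validate_path([bob, fox], anchors, crls, today, ["contract"]),
           "expired": validate_path([bob, fox], anchors, crls, 20040101, ["email"])}
    # Business card: Bob vouches for himself, and anyone could print one that says "Bob".
    card = issue_cert("Bob Burton", bob_priv, "Bob Burton", bob_pub, 1, 20991231, ["email"])
    out["business_card"] = validate_path([card], anchors, crls, today, ["email"])
    # Altered card: Bob's name, somebody else's key, original signature left in place.
    forged = {"tbs": dict(bob["tbs"], public_key=list(fox_pub)), "signature": bob["signature"]}
    out["forged"] = validate_path([forged, fox], anchors, crls, today, ["email"])
    # Bob loses his private key: Fox Consulting lists serial 17 in its next CRL.
    crls["Fox Consulting"] = issue_crl("Fox Consulting", fox_priv, [17], 20010801)
    out["revoked"] = validate_path([bob, fox], anchors, crls, today, ["email"])
    return out

if __name__ == "__main__":
    for name, (ok, why) in demo().items():
        print(f"{name:14} {'accept' if ok else 'reject'}: {why}")
```

Run it directly to print each verdict. The point to take from `validate_path` is that every check is made against something an issuer signed (the certificate and the CRL) and traced back to a key Alice already holds, never against anything the subject says about himself; the magnetic-stripe benefit of the credit card corresponds to the certificate being machine-readable, so nobody retypes a 1024-bit key.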


Table of Contents

  • Cryptography Primer
  • PKI Basics
  • Authentication Mechanisms
  • PKI Components and Users
  • PKI Architectures
  • X.509 Public Key Certificates
  • Certificate Revocation Lists
  • Repository Protocols
  • Building and Validating Certification Paths
  • PKI Management Protocols
  • Policies, Procedures, and PKI
  • PKI-Enabled Applications
  • Defense Message System 1.0
  • California Independent Service Operator
  • The Federal Bridge CA Project
  • Future Developments
  • Appendix A: ASN.1 Primer
  • Appendix B: Object Identifiers
