Towards a unified PKI framework

Abstract

Public Key Infrastructure (PKI), since its introduction in the late 1970s, enables the use of PKI certificate (PKC) in various applications. Even though PKC was proposed as a strong security credential in the past decade, in many situations, passphrase was used instead. The adoption of PKC had not been widespread and it was regarded as an impractical solution. This paper covers the recent development of PKC in some major countries. Due to the promotion from governments and international organizations, we found the deployment of PKC has been expanded over the past few years. The use of PKC is generally applied to generate electronic signatures in electronic commerce applications. However, cross-border use of electronic signatures introduces a set of legal and technical issues that is a hurdle for the use of PKC in electronic commerce applications. In this paper, we identify these issues and study various PKI interoperability models. To enables the wider use of PKC in cross-border scenario, we further propose a PKI interoperability framework.