Public Key Infrastructure Consortium (PKI Consortium)

Trusted digital assets and communication for everyone and everything

Logo of the PKI Consortium

PKI Consortium

The PKI Consortium is comprised of leading organizations that are committed to improve, create and collaborate on generic, industry or use-case specific policies, procedures, best practices, standards and tools that advance trust in assets and communication for everyone and everything using Public Key Infrastructure (PKI) as well as the security of the internet in general. By engaging with users, regulators, supervisory bodies and other interested or relying parties the consortium can address actual issues. [learn more…]

Public Key Infrastructure

Public Key Infrastructure (PKI) defines the foundation for most modern security systems and provides Confidentiality, Integrity, Authenticity and Non-repudiation. It relies on public key cryptography, a universally accepted asymmetric technology that enables entities to securely communicate using an insecure transport or media, reliably link the data to the signatory and protects the integrity of the data while proving guarantees about the existence of the data at the time of signature creation.

Increasing support and awareness for Remote Key Attestation
August 3, 2021 by Paul van Brouwershaven (Entrust), Tomas Gustavsson (PrimeKey), Giuseppe Damiano HSM Key Attestation Secure Enclave Smart-card Token TPM
The PKI Consortium is collecting information (and looking for contributions) on how or if solutions provide a method to prove to a remote party that a private key was generated, managed inside, and not exportable from, a hardware cryptographic module.

From CASC to the Public Key Infrastructure Consortium
July 12, 2021 by Chris Bailey (Entrust), Paul van Brouwershaven (Entrust) CASC PKI PKIC
Over the years, the need for private, industry, or solution-specific PKI has grown significantly, with stricter policies and the revocation of certificates and CAs becoming more common. The impact of changes in centralized PKI have caused delays and disruption of third-party services that may or may not have been considered. Any PKI (public, private, or specific) must operate according to best practices, clear policies and without a single point of failure.

One Year Certs
July 9, 2020 by Patrick Nohe (GlobalSign) Apple CA/Browser Forum DV Google Identity Microsoft PKI Policy Root Program SHA1 SHA2 SSL/TLS
Starting on September 1st, SSL/TLS certificates cannot be issued for longer than 13 months (397 days). This change was first announced by Apple at the CA/Browser Forum Spring Face-to-Face event in Bratislava back in March.

More on the PKI Consortium blog
We thank our sponsors for their ongoing support of the PKI Consortium
Participate in our community discussions and/or join the consortium