Working Groups

PQC
Post-Quantum Cryptography Working Group

Preparing the PKI ecosystem for the quantum computing era through collaborative research, …

CM
Cryptographic Module Working Group

A central forum for addressing cryptographic module (CM) and hardware security module …

PKIMM
PKI Maturity Model Working Group

Building a globally recognized PKI maturity model for evaluating, planning, and comparing …

TCWG
Training and Certification Working Group

Advancing PKI knowledge and skills through structured training paths, certification …

CA
CA Working Group

A working group for discussions and information sharing among publicly trusted Certificate …

View all Working Groups →

Members

The PKI Consortium brings together leading organizations committed to trustworthy digital identities and secure communication.

331 Members 36 Independent
Browse all members →

Quick links

🤝
Join the PKI Consortium
Become part of our global network
📋
Application Process
Learn how membership works
📄
Bylaws & Governance
How decisions are made
Edit on GitHub

Working Groups PKIMMPKI Maturity Model (PKIMM)

Extension framework

Extension framework

The PKI Maturity Model (PKI MM) supports a framework that allows optional, pluggable extensions to augment the model without modifying the core PKI MM definition.

Extensions enable organizations to assess additional perspectives such as emerging technologies, regulatory domains, or industry-specific requirements while preserving compatibility with the standard PKI MM scoring and reporting.

Extensions may:

  • add extension-specific maturity criteria to existing PKI MM categories
  • apply weight overlays to existing PKI MM requirements or categories
  • define extension-specific scoring and reporting while still producing the standard PKI MM report

Extensions are optional and independent. They can be added or removed without changing the core PKI MM model or affecting the baseline maturity calculation.

How extensions influence maturity

💡 Concept

An extension introduces an additional maturity signal (Relevance) and adjusts importance (Overlays).
Think of extension scoring as:
Baseline PKI MM maturity blended with an Extension maturity signal, weighted by Extension emphasis

flowchart TD
    A["PKI MM Requirements"] --> B["Baseline Category Level"]
    B --> D["Extension category level"]
    C["Relevance Level"] --> D
    D --> E["Weighted Aggregation"]
    E --> F["Extension Score"]

Design principles

  • Non-destructive — extensions never modify the base PKI MM definition.
  • Composable — multiple extensions may coexist; each is scored independently against the same baseline.
  • Consistent scoring — extension scoring works the same way in full assessment (requirement-based) and self-assessment (category-based).
  • PKI MM-shaped structure — extensions follow the same hierarchy: modules → categories → requirements.

Where to go next

  • Extension structure — what fields make up an extension definition (metadata, Relevance, Overlays). Read this if you are authoring a new extension.
  • Scoring model — formulas, order-of-operations, and the end-to-end worked example. Read this if you are implementing tooling for an extension.
  • Extension catalog — the list of working-group extensions with documentation and YAML definitions.
  • Extension JSON Schema — the canonical machine-readable contract for extension YAML files.
  • Extension framework FAQ — answers to common questions including non-destructive design, multi-extension behavior, and overlay tunability.