PKI Today
Realisation that one hierarchy won’t work
Realisation that a web of trust won’t always work in a commercial way
so, mostly closed applications with openness through forests of trees with cross-certification
Standards nearly complete and accepted
- PKCS#15 and PKIX completion will just about do it
Still many practical problems with standards profiles and vendor implementation
Still many legal/contractual issues
Fractured into “open loop” and “closed loop” PKI