Having worked in the "PKI" field for a loooonnnnggg time now,
Where can I find an authoritative reference on what "PKI", by your definition, means?
- unfortunately, many people when hearing the phrase "public key infrastructure" thinks that that is what is meant/required, even though most of us working in the field know that it's not required.
That's a fair statement, if you can clarify what, then, are required.
(From personal experience, my belief is that the single biggest failure of PKI is the over-hyping and under-delivering of the technology. People were led to believe that once they had a PKI, their problems were solved. That's not the case. I used to hate working with people who had bought a PKI from somebody, not understanding that all they really needed then were the applications that let used the PKI/certificate stuff to do business they way they wanted to do it. The only thing worse was when I worked for a PKI company, and had to work with a customer to whom our sales-critters had just made a sale. To start a conversation with "Joe didn't tell you you still need..." wasn't fun.)
It seems to me that you think PKI not only exists but also can be purchased.
So, where can I find your definition of "PKI"?
URLs please.
Masataka Ohta