The trust problem
A server can present a public key, but how does a client know the key really belongs to that server and not an attacker? Public key infrastructure, or PKI, answers this with certificates signed by trusted certificate authorities. A certificate binds an identity, such as a domain name, to a public key, and the authority vouches for that binding.
The chain of trust
- A certificate authority holds a root key trusted in advance by browsers and operating systems.
- The authority signs intermediate certificates, which in turn sign leaf certificates for servers.
- A client validates the chain from the leaf up to a root it already trusts.
- Revocation mechanisms let a compromised certificate be marked invalid before it expires.
The power of PKI is that trust scales: a client only needs to trust a small set of roots to verify millions of servers it has never met. The weakness is that any trusted authority can sign for any domain, so a single compromised or careless authority can issue fraudulent certificates. Mechanisms like certificate transparency logs help detect such misissuance by making every certificate publicly auditable.
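As an added example (not part of the original page), here is a small Python model of the chain validation listed above and of the weakness that any trusted authority can sign for any domain. Textbook RSA over tiny Mersenne primes stands in for real X.509 signatures, and every name in it (`Cert`, `issue`, `validate`, "Root A", "Root B", "Int A", `example.test`) is constructed for illustration.

```python
import hashlib
from collections import namedtuple

Cert = namedtuple("Cert", "subject issuer pub is_ca serial sig")

def keypair(p, q, e=65537):
    """Toy textbook RSA from two known primes: returns (public, private)."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def digest(fields, n):
    """Hash the signed fields (everything except the signature) into Z_n."""
    return int.from_bytes(hashlib.sha256(repr(tuple(fields)).encode()).digest(), "big") % n

def issue(subject, pub, issuer, issuer_priv, is_ca, serial):
    body = (subject, issuer, pub, is_ca, serial)
    n, d = issuer_priv
    return Cert(*body, pow(digest(body, n), d, n))

def validate(chain, roots, revoked, hostname):
    """chain is leaf-first; roots maps a trusted root name to its public key."""
    if chain[0].subject != hostname:
        return "name mismatch"
    for i, cert in enumerate(chain):
        if cert.serial in revoked:
            return "revoked"
        parent = chain[i + 1] if i + 1 < len(chain) else None
        if parent is not None and (parent.subject != cert.issuer or not parent.is_ca):
            return "broken chain"
        # The top of the chain must be signed by a root the client already trusts.
        signer = parent.pub if parent is not None else roots.get(cert.issuer)
        if signer is None:
            return "untrusted root"
        n, e = signer
        if pow(cert.sig, e, n) != digest(cert[:5], n):
            return "bad signature"
    return "ok"

# Constructed sample PKI: two trusted roots, one intermediate, one server.
M = [2**k - 1 for k in (31, 61, 89, 107, 127)]  # Mersenne primes, toy sizes only
root_a, root_b, inter, leaf, other = (
    keypair(M[i], M[j]) for i, j in ((0, 1), (1, 2), (2, 3), (3, 4), (0, 4)))
ROOTS = {"Root A": root_a[0], "Root B": root_b[0]}
INT = issue("Int A", inter[0], "Root A", root_a[1], True, 1)
LEAF = issue("example.test", leaf[0], "Int A", inter[1], False, 2)
# Root B never dealt with example.test, yet the client accepts its signature too.
MISISSUED = issue("example.test", other[0], "Root B", root_b[1], False, 3)
```

`validate([MISISSUED], ROOTS, set(), "example.test")` returns `"ok"` exactly as the legitimate chain `[LEAF, INT]` does, which is the gap transparency logs exist to expose.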
Key idea
PKI lets clients trust unknown servers by validating a certificate chain up to a small set of preinstalled root authorities, scaling trust at the cost of depending on every authority behaving honestly.