Skip to Main Content
Many security protocols in use today were designed under the assumption that some form of global distributed public key infrastructure would eventually emerge to address key management problems. These protocols go back to the early 1990s, when a universal PKI was thought to be just around the corner. Ten years later, it's still just around the corner, and it probably always will be. Consequently, existing protocols originally designed to rely on a global PKI must either employ ad hoc solutions or use any public key that turns up, because the only alternative is not to use any keys at all. In the absence of a PKI, system administrators can incorporate alternative approaches that are easy to use, transparent to end users, and have a low unit cost.