Certificate Authorities and PKI
Summary
This chapter examines the centralized trust model built on certificate authorities and public key infrastructure. Students will learn how X.509 certificates establish identity, how certificate chains create hierarchies of trust, and critically, where this model is vulnerable. Understanding PKI strengths and weaknesses is essential for later evaluating whether blockchain offers genuine improvements or merely shifts the trust problem.
Concepts Covered
This chapter covers the following 13 concepts from the learning graph:
- Certificate Authority
- Public Key Infrastructure
- X.509 Certificate
- Certificate Chain
- Root Certificate
- Certificate Revocation
- CA Vulnerabilities
- CA Compromise Scenarios
- Trust Anchor
- Centralized Trust
- Traditional PKI vs DLT
- Centralized Database
- Alternative Technologies
Prerequisites
This chapter builds on concepts from:
- Chapter 1: Trust and Digital Networks
- Chapter 2: Cryptographic Foundations
- Chapter 3: Keys, Signatures, and Identity
TODO: Generate Chapter Content