Public Key Infrastructures

Electronic signatures allow the creation of many new approaches for clearing transactions via public net­works. A public key infrastructure (PKI) enables the linking of electronic keys to individuals, legal entities or servers. While not strictly nec­es­sary in closed networks, certificates serve as a means of ensuring authenticity in an open or multi-party system.

With certificates, the relation between a key and a per­son is guaranteed by a reliable Certification Authority, a trusted third party. The establishment and governing of the processes and technologies nec­es­sary to is­sue certificates and signatures demand careful and comprehensive planning efforts.


All actions, ranging from issuing through revocation to renewal of certificates must be closely coordinated. The respective processes vary depending on the ap­pli­ca­tion environment and the end user. With com­pa­ny-internal PKIs, e.g. for protecting an in-house ap­pli­ca­tion, the emphasis is on a seamless integration of the PKI into the existing IT systems. Issuing is often carried out by the personnel department, with the work council overlooking the process. When dealing with external PKIs, e.g. for clearing music downloads via Digital Rights Management, the issuing processes and the ease of use are the main development goals.


Running and maintaining a PKI requires a multitude of different components and technologies. Our ex­cel­lent know-how in the PKI environment enables us to support you in building your PKI, be it by designing your specific processes, customizing your off-­the-­ shelf products or developing an all new PKI en­vi­ron­ment with all the components tailored exactly to your needs. Many projects allow for the use of open source de­vel­op­ments when implementing a solution. As an ex­am­ple, our OSCP responder for Bouncy Castle Ex­ten­sions has been integrated into numerous op­er­a­tion­al applications to provide a quick and easy online status check.

Our knowledge covers all the established PKI stan­dards and technologies like X.509, OSCP and LDAP. Whether you are designing, building or extending your PKI, you will find in us a proficient partner on both the operational and technical level.