Introduction to PKI
Is there anybody who is familiar with PKI and PKI implementations for mobile communication? I tried to build up a lightweight infrastructure to keep mobile transactions secure. If you have any comments or information about mobile payment/transaction security or PKI, symmetric-key, public-key, etc., or some implementation research based on JavaME/JavaEE, please feel free to leave them here. You can also reach me via email: yunpu.zhu-AT-sun-DOT-com
Thanks
------------------------------------------------------------------------
In cryptography, a public key infrastructure (PKI) is an arrangement that binds public keys with respective user identities by means of a certificate authority (CA). The user identity must be unique for each CA. The binding is established through the registration and issuance process, which, depending on the level of assurance the binding has, may be carried out by software at a CA, or under human supervision. The PKI role that assures this binding is called the Registration Authority (RA). For each user, the user identity, the public key, their binding, validity conditions and other attributes are made unforgeable in public key certificates issued by the CA.
The term trusted third party (TTP) may also be used for certificate authority (CA). The term PKI is sometimes erroneously used to denote public key algorithms, which do not require the use of a CA.
PKI arrangements enable computer users without prior contact to be authenticated to each other, and to use the public key information in their public key certificates to encrypt messages to each other.[1] In general, a PKI consists of client software, server software, hardware (e.g., smart cards), legal contracts and assurances, and operational procedures. A signer's public key certificate may also be used by a third party to verify the digital signature of a message, which was made using the signer's private key. In general, a PKI enables the parties in a dialogue to establish confidentiality, message integrity and user authentication without having to exchange any secret information in advance, or even any prior contact. The validity of a PKI between the communicating parties is, however, limited by practical problems such as uncertain certificate revocation, CA conditions for certificate issuance and reliance, variability of regulations and evidentiary laws by jurisdiction, and trust.[2] These problems, which are significant for the initial contact, tend to be less important as the communication progresses in time (including the use of other communication channels) and the parties have opportunities to develop trust on their identities and keys.[2]
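The binding and the third-party signature check described above can be run end to end with Go's standard `crypto/x509` package. This is an added example, not code from the original post: the names, the message and the helper functions `issue` and `verifyMessage` are constructed for illustration, Ed25519 is an assumed key type, and revocation checking is not covered.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue is the CA step: it binds name to a fresh public key in an X.509
// certificate valid until notAfter. parent == nil yields a self-signed root CA.
func issue(name string, parent *x509.Certificate, parentKey ed25519.PrivateKey, notAfter time.Time) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject: pkix.Name{CommonName: name}, NotBefore: time.Now().Add(-time.Hour), NotAfter: notAfter,
		KeyUsage: x509.KeyUsageDigitalSignature, BasicConstraintsValid: true}
	if parent == nil { // root CA: signs itself and is allowed to sign other certificates
		tmpl.IsCA, tmpl.KeyUsage = true, tmpl.KeyUsage|x509.KeyUsageCertSign
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	cert, err2 := x509.ParseCertificate(der)
	if err != nil || err2 != nil {
		panic(fmt.Sprint(err, err2))
	}
	return cert, key
}

// verifyMessage is the relying party: it accepts sig over msg only if cert chains
// to the trusted root, is valid at time now, and sig verifies under the certified key.
func verifyMessage(root, cert *x509.Certificate, msg, sig []byte, now time.Time) bool {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	opts := x509.VerifyOptions{Roots: pool, CurrentTime: now, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := cert.Verify(opts); err != nil {
		return false // unknown issuer, expired, or not yet valid
	}
	pub, ok := cert.PublicKey.(ed25519.PublicKey)
	return ok && ed25519.Verify(pub, msg, sig)
}

func main() {
	ca, caKey := issue("Example Root CA", nil, nil, time.Now().AddDate(10, 0, 0)) // constructed names
	alice, aliceKey := issue("alice", ca, caKey, time.Now().Add(24*time.Hour))
	msg := []byte("pay 10 EUR to bob") // constructed sample message
	fmt.Println("accepted:", verifyMessage(ca, alice, msg, ed25519.Sign(aliceKey, msg), time.Now()))
}
```

The relying party needs only the root certificate in advance; a certificate for the same name issued by a CA it does not trust, or one presented after its validity period, is rejected before the signature is even examined.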
