Public-key infrastructure (PKI) refers to a system that is used to provide public-key encryption and digital signature services. The purpose of PKI is to manage keys and certificates. By managing keys and certificates through a PKI, an organization can establish and maintain a trustworthy networking environment. PKIs can enable the use of encryption and digital signature services across a wide variety of applications.
PKIs can be used to ensure that user identities and keys are valid and trustworthy. To provide this assurance, all users of a PKI have a registered identity. These identities are stored in a digital format known as a public-key certificate. Certification Authorities (CAs) act as agents of trust in a PKI. As long as a CA is trusted, users can trust certificates issued by the CA. Certification Authorities create certificates for users or clients by digitally signing, with a CA private key, a set of data that can include the following information, as well as other information: an ID such as a client's hardware ID, a public key associated with the user or client, a validity period of the certificate, and/or specific operations for which the public key is to be used.
The Certification Authority's signature on a certificate allows any tampering with the contents of the certificate to be easily detected. As long as the Certification Authority's signature on a certificate can be verified, the certificate has integrity. Since the integrity of the certificate can be determined by verifying the Certification Authority's signature, certificates are inherently secure and can be distributed in a completely public manner.
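The signing and verification steps described above can be sketched in Go. This is an added example, not code from the original text. The Cert layout, the JSON encoding of the signed bytes, the choice of Ed25519, and the constructed hardware IDs are all assumptions made for illustration.

```go
package main
import (
	"crypto/ed25519"
	"encoding/json"
	"fmt"
	"time"
)

// Cert holds the fields the text lists; this layout is an assumption of the example.
type Cert struct {
	ID                  string            // e.g. a client's hardware ID
	PublicKey           ed25519.PublicKey // key associated with that ID
	NotBefore, NotAfter time.Time         // validity period
	Usage               []string          // operations the key may be used for
	Signature           []byte            // CA signature over all fields above
}
func (c Cert) tbs() []byte { // bytes the CA signs: every field except the signature
	c.Signature = nil // c is a copy, so the caller's certificate is untouched
	b, _ := json.Marshal(c)
	return b
}
func Issue(caKey ed25519.PrivateKey, c Cert) Cert { // CA signs with its private key
	c.Signature = ed25519.Sign(caKey, c.tbs())
	return c
}
// Verify checks the CA signature first, then the validity period and usage.
func Verify(caPub ed25519.PublicKey, c Cert, now time.Time, op string) error {
	if !ed25519.Verify(caPub, c.tbs(), c.Signature) {
		return fmt.Errorf("bad CA signature: contents altered or wrong issuer")
	}
	if now.Before(c.NotBefore) || now.After(c.NotAfter) {
		return fmt.Errorf("outside validity period")
	}
	for _, u := range c.Usage {
		if u == op {
			return nil
		}
	}
	return fmt.Errorf("operation not permitted for this key")
}
func main() {
	caPub, caKey, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	subPub, _, _ := ed25519.GenerateKey(nil)
	now := time.Now()
	cert := Issue(caKey, Cert{ID: "HWID-CONSTRUCTED-01", PublicKey: subPub,
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(time.Hour), Usage: []string{"sign"}})
	fmt.Println("as issued:", Verify(caPub, cert, now, "sign"))
	cert.ID = "HWID-CONSTRUCTED-02" // constructed alteration after issuance
	fmt.Println("altered:  ", Verify(caPub, cert, now, "sign"))
}
```

Verification needs only the CA public key, which is why the certificate itself can be distributed publicly: any change to a signed field makes the signature check fail.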
In many systems, servers distribute certificates including the ID, public key, and signature. The certificate can, in some instances, be generated at run time responsive to a client request. Typically, a client will formulate a request and include, in the request, an ID that it wishes to be placed into the certificate. The certificate can then be generated, in at least some instances, by what is known as an individualization server.
One of the issues associated with servers that issue certificates, such as individualization servers, is that they are front-end servers operated by entities that are different from the digital rights management (DRM) entities that protect the content that can be obtained and consumed using the issued certificates. If the individualization server's private key is compromised, for example by being leaked by personnel associated with the individualization server, then certificates can be issued by malicious entities, thus compromising the integrity of the system.