Public-key infrastructure (PKI) is the foundation of the four major elements of digital security: authentication, integrity, confidentiality and non-repudiation. The idea of a public-key infrastructure has existed for a while, but the need for PKI has intensified as the Internet has expanded its reach into business, government, the legal system, the military and other areas that depend on secure communications. This text is both a guide for software engineers involved in PKI development and a readable resource for technical managers responsible for their organization's security policies and investments. It is a comprehensive primer to the latest in PKI technology and how it is used today. Taking a non-vendor-specific approach, it explains fundamental concepts, examines emerging standards and discusses deployment considerations and strategies that effect success. This second edition has been updated throughout to incorporate developments in the PKI field. Two new chapters have been added to address the use of PKI in the real world and to explore the technology's future.