Editing Public key infrastructure (section)

== Uses ==

PKIs of one type or another, and from any of several vendors, have many uses, including providing public keys and bindings to user identities, which are used for:
* [[Encryption]] and/or sender [[authentication]] of [[e-mail]] messages (e.g., using [[OpenPGP]] or [[S/MIME]]);
* Encryption and/or authentication of documents (e.g., the [[XML Signature]] or [[XML Encryption]] standards if documents are encoded as [[XML]]);
* [[Authentication]] of users to applications (e.g., [[smart card]] logon, client authentication with [[Secure Sockets Layer|SSL/TLS]]). There's experimental usage for digitally signed [[HTTP]] authentication in the Enigform and [[mod_openpgp]] projects;
* [[Bootstrapping]] secure communication protocols, such as [[Internet key exchange]] (IKE) and [[Secure Sockets Layer|SSL/TLS]]. In both of these, initial set-up of a secure channel (a "[[security association]]") uses [[asymmetric key]]—i.e., public key—methods, whereas actual communication uses faster [[symmetric key]]—i.e., [[secret key]]—methods;
* Mobile signatures are electronic signatures that are created using a mobile device and rely on signature or certification services in a location independent telecommunication environment;<ref>Mark Gasson, Martin Meints, Kevin Warwick (2005), [http://www.fidis.net/resources/deliverables/hightechid/#c1785 D3.2: A study on PKI and biometrics], FIDIS deliverable (3)2, July 2005</ref>
* [[Internet of things]] requires secure communication between mutually trusted devices. A public key infrastructure enables devices to obtain and renew X.509 certificates, which are used to establish trust between devices and encrypt communications using [[Transport Layer Security|TLS]].