===Public key infrastructure===
[[Public key infrastructure]]s (PKIs) have been proposed as a workaround for the problem of identity authentication. In their most usual implementation, each user applies to a “[[certificate authority]]” (CA), trusted by all parties, for a [[digital certificate]] which serves for other users as a non-tamperable authentication of identity. The infrastructure is safe, unless the CA itself is compromised. In case it is, though, many PKIs provide a way to revoke certificates so other users will not trust them. Revoked certificates are usually put in [[certificate revocation list]]s which any certificate can be matched against.

Several countries and other jurisdictions have passed [[legislation]] or issued regulations encouraging PKIs by giving (more or less) legal effect to these digital certificates (see [[digital signature]]). Many commercial firms, as well as a few government departments, have established such certificate authorities. This does nothing to solve the problem though, as the trustworthiness of the CA itself is still not guaranteed for any particular individual. It is a form of [[argument from authority]] fallacy. For actual trustworthiness, personal verification that the certificate belongs to the CA and establishment of trust in the CA are required. This is usually not possible.

There are known cases where [[Authoritarianism|authoritarian]] governments proposed establishing so-called “national CAs” whose certificates would be mandatory to install on citizens’ devices and, once installed and trusted, could be used for monitoring, intercepting, modifying, or blocking the encrypted internet traffic.<ref>{{Cite news|url=https://slate.com/technology/2015/12/kazakhstan-wants-citizens-to-download-a-mandatory-national-security-certificate.html|title=Kazakhstan's Unsettling New Cybersecurity Plan|last=Wolff|first=Josephine|date=2015-12-14|work=Slate|access-date=2019-01-09}}</ref><ref>{{Cite news|url=http://www.mondaq.com/x/455980/IT+internet/Security+Certificate+Of+The+Republic+Of+Kazakhstan+The+State+Will+Be+Able+To+Control+The+Encrypted+Internet+Traffic+Of+Users|title=Security Certificate Of The Republic Of Kazakhstan: The State Will Be Able To Control The Encrypted Internet Traffic Of Users|last=Shapovalova|first=Natalia|date=2016-01-05|work=Mondaq|access-date=2019-01-09}}</ref><ref>{{Cite news|url=https://meduza.io/en/news/2016/02/15/the-kremlin-reportedly-wants-to-create-a-state-operated-center-for-issuing-ssl-certificates|title=The Kremlin reportedly wants to create a state-operated center for issuing SSL certificates|date=2016-02-15|work=Meduza|access-date=2019-01-09}}</ref>

For those new to such things, these arrangements are best thought of as electronic [[Notary public|notary]] endorsements that “this public key belongs to this user”. As with notary endorsements, there can be mistakes or misunderstandings in such vouchings. Additionally, the notary itself can be untrusted. There have been several high-profile public failures by assorted certificate authorities.<ref>{{Citation|title=CA/Symantec Issues|url=https://wiki.mozilla.org/CA/Symantec_Issues}}</ref><ref>{{Citation|title=Symantec caught once again improperly issuing illegitimate HTTPS certificates|date=23 January 2017 |url=https://www.extremetech.com/internet/243202-symantec-caught-improperly-issuing-illegitimate-https-certificates}}</ref>
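
An added example, not part of the article: the relying-party check this section describes, which looks up the issuer among the trust anchors, verifies the CA's signature on the certificate, then matches the serial against the CA's signed revocation list. Textbook RSA over small Mersenne primes stands in for a real signature scheme (an assumption, not secure), and all names, keys and serials are constructed.

```python
import hashlib

E = 65537  # public exponent of the toy keys (textbook RSA, NOT secure)

def keypair(p, q):
    return p * q, pow(E, -1, (p - 1) * (q - 1))  # (modulus, private exponent)

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, n, d):
    return pow(digest(data, n), d, n)

def verify(data, sig, n):
    return pow(sig, E, n) == digest(data, n)

def tbs(c):  # the "to be signed" fields the CA vouches for
    return "|".join(str(c[k]) for k in ("serial", "subject", "key", "issuer")).encode()

def issue(serial, subject, key, issuer, n, d):
    c = {"serial": serial, "subject": subject, "key": key, "issuer": issuer}
    return {**c, "sig": sign(tbs(c), n, d)}

def crl_body(issuer, revoked):
    return f"{issuer}|{sorted(revoked)}".encode()

def validate(cert, anchors, crls):
    """Relying-party check: trust anchor, certificate signature, then CRL."""
    ca_n = anchors.get(cert["issuer"])
    if ca_n is None:
        return "untrusted issuer"
    if not verify(tbs(cert), cert["sig"], ca_n):
        return "bad signature"
    revoked, crl_sig = crls.get(cert["issuer"], (None, 0))
    if revoked is None or not verify(crl_body(cert["issuer"], revoked), crl_sig, ca_n):
        return "no valid CRL"  # fail closed without authentic revocation data
    return "revoked" if cert["serial"] in revoked else "valid"

# Constructed keys: "Example CA" is in the trust store, "Other CA" is not.
CA_N, CA_D = keypair(2**61 - 1, 2**89 - 1)
OTHER_N, OTHER_D = keypair(2**107 - 1, 2**127 - 1)

def demo():
    anchors = {"Example CA": CA_N}
    crls = {"Example CA": ({2}, sign(crl_body("Example CA", {2}), CA_N, CA_D))}
    certs = [issue(1, "alice", 0xA11CE, "Example CA", CA_N, CA_D),
             issue(2, "bob", 0xB0B, "Example CA", CA_N, CA_D),
             issue(3, "alice", 0xBAD, "Other CA", OTHER_N, OTHER_D)]
    return [validate(c, anchors, crls) for c in certs]
```

The outcome for the third certificate depends only on which issuers are in `anchors`: with "Other CA" added to the trust store, the same certificate validates.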