随着网络应用的开展,越来越多的不同域的用户相互之间需要进行安全通信,用户都希望象访问本地资源一样可以安全地访问远程资源。特别是日益兴起的电子商务急需网络安全通信,然而传统上两个实体在进行安全通信时,共享同一密钥,这就要求通信双方事先采用某种信任手段交换密钥,可是这种方式费时、缺乏扩充性,而且若通信双方事先没有建立起相互信任关系,则安全通信无法开展。于是公钥基础设施(PKI)应运而生。PKI 的作用是建立起不同实体间的“信任”关系,保障安全通信,特别是对于电子商务应用的发展,PKI 起到了基石般的关键作用。 With the development of network applications, more and more users in different domains need to communicate securely with each other, and users want to have secure access to remote resources as they access local resources. In particular, the rising e-commerce urgently needs network-based secure communication. However, in the traditional two entities, the same key is shared during secure communications. This requires that both parties use some trust method to exchange keys beforehand. However, this method takes time, Lack of scalability, and secure communications can not be carried out without the mutual trust established between the two parties in advance. So public key infrastructure (PKI) came into being. The role of PKI is to establish the “trust” relationship between different entities and to ensure secure communications. PKI, in particular, plays a key role in the development of e-commerce applications.