While a PKI uses public-key cryptography to assure data privacy and integrity of the identities it certifies through public keys, this does not, by itself, provide all of the assurances required to implement a PKI. Public-key cryptography, by itself, does not address the larger questions of how users of a PKI can
trust that an authenticated entity is, indeed, the entity that has been authenticated. Without this trust, especially in an environment where entity identification is crucial, the effectiveness of the entire PKI is suspect. For more information on the basis for trust in a security system, see the sections on security and trust in
OpenEdge Core Business Services.
