Quiz Entry - updated: 2026.07.14
What is a PKI, and what are the roles of its CA, RA, and VA components?
A PKI is the whole system for issuing, distributing, and verifying certificates — the CA signs them, the RA verifies applicants' identities, and the VA confirms whether a cert is still valid.
PKI (Public Key Infrastructure) is the system that can issue, distribute, and verify digital certificates. Its main components:
| Component | Role |
|---|---|
| CA (Certification Authority) | issues and signs the certificates |
| RA (Registration Authority) | verifies the identity of the applicant before a cert is issued (the gatekeeper) |
| VA (Validation Authority) | answers "is this certificate still valid / not revoked?" at use time |
Together they cover a certificate's whole lifecycle: vetting (RA) → issuance (CA) → ongoing validation (VA).
Tip: Separating the RA (identity check) from the CA (signing) is a security control — the body that proves who you are isn't the same one that mints the credential.