“Developers of Web services and enterprise applications must
make their software secure. While cryptography alone does not a
secure system make, it’s important for developers to have a firm
grasp of the basic theory and technologies behind encryption, so
they can make informed decisions about whether to apply
cryptographic technology, and if so, how. In this article we begin
the exploration of applied cryptography foundations by looking at
public key infrastructure (PKI), and specifically keys,
certificates, and trust, along with some practical examples of key
generation and certificate management tasks. The full descriptions
of many of these topics are often beyond the scope of this
article.