
# Public Key Infrastructure

#### Public Key Infrastructure & Transport Layer Security

Public Key Infrastructure (PKI) is like a special club that websites need to join to prove they are legitimate and not trying to trick you. When a website wants to join the club, it gets a membership card called a "digital certificate" from the club leader, called a Certificate Authority (CA). This certificate contains the website's public key, which is paired with a secret private key that only the real website knows.

When you visit a website, your web browser checks if it has a valid membership card or certificate from the club. If it does, it means you can trust and safely share private information with the website. It's like showing up to a friend's house and checking their ID to make sure they live there before going inside.

PKI also includes Registration Authorities (RAs), which verify the identity of entities requesting a certificate before the CA issues it. There are repositories for storing and retrieving certificates, as well as Certificate Revocation Lists (CRLs), which are essential for maintaining the integrity of the system by listing certificates that are no longer trusted.

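
The issue, check and revoke steps described above, as an added example that is not part of the original page: a toy CA signs a certificate, and a client checks it using only the CA's public key and a CRL. The textbook-RSA key, field names and hostnames are constructed for illustration and are far too weak for real use.

```python
import hashlib
from dataclasses import dataclass

# Constructed toy RSA key for the CA, built from two known Mersenne primes.
# Unpadded and far too small for real use; it only makes sign/verify visible.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
CA_N = P * Q                              # CA public modulus (with E: public key)
CA_D = pow(E, -1, (P - 1) * (Q - 1))      # CA private exponent (kept secret)

@dataclass(frozen=True)
class Certificate:
    serial: int
    subject: str        # hostname the certificate vouches for
    public_key: str     # the site's public key (an opaque label in this sketch)
    not_after: int      # expiry as a Unix timestamp
    signature: int = 0  # CA signature over the four fields above

def _digest(cert):
    """Hash the signed fields (everything except the signature) to an integer."""
    tbs = f"{cert.serial}|{cert.subject}|{cert.public_key}|{cert.not_after}"
    return int.from_bytes(hashlib.sha256(tbs.encode()).digest(), "big") % CA_N

def ca_issue(serial, subject, public_key, not_after):
    """CA side: sign the certificate fields with the CA private key."""
    unsigned = Certificate(serial, subject, public_key, not_after)
    signature = pow(_digest(unsigned), CA_D, CA_N)
    return Certificate(serial, subject, public_key, not_after, signature)

def client_verify(cert, hostname, now, crl):
    """Client side: return (ok, reason) using only the CA public key and the CRL."""
    if pow(cert.signature, E, CA_N) != _digest(cert):
        return False, "bad signature"      # not issued by the trusted CA, or altered
    if cert.serial in crl:
        return False, "revoked"            # listed on the CRL
    if now > cert.not_after:
        return False, "expired"
    if cert.subject != hostname:
        return False, "hostname mismatch"  # valid card, but for a different site
    return True, "trusted"

if __name__ == "__main__":
    cert = ca_issue(1001, "shop.example", "site-pubkey-A", 2_000_000_000)
    print(client_verify(cert, "shop.example", 1_700_000_000, crl=set()))
    print(client_verify(cert, "shop.example", 1_700_000_000, crl={1001}))
```
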
**Transport Layer Security (TLS)**

Transport Layer Security (TLS) is a secret code language that your computer and a website use when talking over the internet. It scrambles up your conversation into an encrypted message that bad people can't understand if they try to snoop. TLS uses those membership cards or certificates from PKI to make sure your computer is really talking to the correct website through a process called authentication.

It's like you and your friend making up a silly code language that only you two understand. That way, if someone tried to listen to your conversations, it would just sound like gibberish to them. Showing the PKI certificate proves you're talking to the right friend. The encrypted conversation using TLS is like the code language.

TLS works almost like a "handshake", where the server and client exchange keys, negotiate encryption algorithms, and verify each other's certificates. This process ensures that the communication channel is secure before any data is exchanged.
