
PKI: Public Key Infrastructure Explained

PKI is the cryptographic foundation of reliable electronic signatures. Discover how it works, its key components, and its connection to X.509 certificates and the eIDAS regulation.

Certyneo editorial team · 12 min read


Introduction: Why PKI is at the Heart of Digital Trust

In a world where millions of contracts are signed online every day, a fundamental question arises: how can you be certain that the person signing is who they claim to be, and that the document has not been altered after signing? The answer lies in three letters: PKI (Public Key Infrastructure). This cryptographic system forms the technical foundation of any qualified electronic signature compliant with the eIDAS regulation. In this article, we explain in detail how PKI works, its essential components — including X.509 certificates — and how it guarantees the authenticity, integrity and non-repudiation of your digital legal acts.

---

What is PKI? Definition and Fundamental Principles

PKI (Public Key Infrastructure) refers to a set of policies, procedures, hardware, software and people necessary to create, manage, distribute, use, store and revoke digital certificates. It is based on asymmetric cryptography, that is, the use of a pair of mathematically linked keys: a private key (secret) and a public key (freely shareable).

The Principle of Asymmetric Key Pairs

When a signer affixes their electronic signature to a document, a unique cryptographic fingerprint of the file (a hash) is first computed. This fingerprint, encrypted with the signer's private key, constitutes the digital signature. Any third party can then verify the authenticity of this signature using the signer's corresponding public key. If verification succeeds, two guarantees are established:

  • Authenticity: only the holder of the private key could have produced this signature.
  • Integrity: the document has not been modified since signing.

The RSA algorithm (Rivest-Shamir-Adleman) remains the most widespread, with keys of 2,048 or 4,096 bits. Elliptic curve algorithms (ECDSA) are gaining ground for their performance at equivalent security levels.

The Trust Problem and PKI's Answer

Asymmetric cryptography solves the integrity problem but immediately raises another question: how do you know that the public key really belongs to the person it claims to represent? This is precisely where PKI comes in. It introduces a trusted third party — the Certification Authority (CA) — which verifies the identity of the public key holder and issues a digital certificate guaranteeing this association.

---

Essential Components of a PKI

An operational public key infrastructure is built around several interdependent components. Understanding their respective roles is essential for evaluating the robustness of an electronic signature solution.

The Certification Authority (CA)

The Certification Authority is the central entity of the PKI. It digitally signs the certificates it issues, thus linking a verified identity to a public key. In Europe, qualified CAs appear on national trust lists, published in accordance with Article 22 of the eIDAS regulation. In France, it is ANSSI that maintains this list. Providers such as CertEurope, Certinomis or Certigna are listed there.

The certification hierarchy forms a chain of trust: a root CA signs intermediate CAs, which in turn sign end-user certificates. This architecture limits exposure of the root key (stored offline in an HSM) and allows for granular revocation management.

The Registration Authority (RA)

The Registration Authority is responsible for verifying the identity of applicants before the CA issues a certificate. This verification can be:

  • Face-to-face (required for qualified certificates under eIDAS).
  • Remote via video identification compliant with ETSI EN 319 401 standards.
  • Via an eKYC process (electronic Know Your Customer) for intermediate trust levels.

X.509 Digital Certificates

The X.509 format is the international standard defining the structure of digital certificates in a PKI. Defined by ITU-T and adopted by the IETF through RFC 5280, an X.509 certificate contains in particular:

  • The identity of the holder (name, organisation, email).
  • The public key of the holder.
  • The identity and signature of the issuing CA.
  • The validity period of the certificate.
  • The unique serial number.
  • Extensions: authorised uses (code signing, authentication, document signing), CRL distribution points, OCSP URLs.

In the context of an eIDAS qualified electronic signature, qualified X.509 certificates must be issued on a qualified signature creation device (QSCD), typically a smart card or HSM (Hardware Security Module).

The Revocation Mechanism: CRL and OCSP

A certificate may become invalid before its expiration: loss of the private key, compromise, change in the status of the holder. Two mechanisms allow a verifier to check whether a certificate is still valid:

  • CRL (Certificate Revocation List): list periodically published by the CA listing revoked certificates.
  • OCSP (Online Certificate Status Protocol, RFC 6960): protocol allowing instant verification of a certificate's status. Preferred in high-frequency transaction environments.

Serious electronic signature solutions, such as those described in our comparison of electronic signature solutions, systematically integrate these verifications into their signature workflow.

---

How PKI Concretely Secures Electronic Signature

Understanding the technical journey of an electronic signature backed by a PKI allows you to assess the level of assurance offered.

The Step-by-Step Signature Process

  1. Document Hashing: a hashing algorithm (SHA-256 or SHA-3 according to ANSSI 2026 recommendations) produces a unique digital fingerprint of the document.
  2. Fingerprint Encryption: the signer encrypts this fingerprint with their private key, stored in their QSCD. The operation takes place inside the secure device, so the private key never leaves it.
  3. Signature Package Creation: the encrypted signature is associated with the document, accompanied by the signer's X.509 certificate and a qualified timestamp.
  4. Recipient-Side Verification: the recipient (or their software solution) decrypts the fingerprint with the signer's public key, recalculates the hash of the received document and compares. If the two fingerprints are identical, the signature is valid.
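As an added worked example (not code from Certyneo or from this article), the Go program below uses only the standard library to build the chain of trust described earlier (a root CA issuing an end-user X.509 certificate whose key-usage extension permits digital signature and non-repudiation) and then runs steps 1, 2 and 4 of the process above: SHA-256 hashing, ECDSA signing of the digest, and verifier-side validation of the certificate chain followed by recomputation of the hash. Subject names such as "Demo Root CA" and "Alice Demo" are constructed values, and the timestamp and revocation checks of step 3 and the OCSP section are not included.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// issue signs tmpl for pub with signerKey (pass tmpl itself as parent to get a self-signed root).
func issue(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, signerKey *ecdsa.PrivateKey) *x509.Certificate {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signerKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der) // DER we just produced always parses
	return cert
}
// BuildPKI builds a two-level chain of trust: a root CA whose key may only sign certificates and CRLs
// issues one end-user certificate limited to digital signature / non-repudiation. Demo names only.
func BuildPKI() (root, leaf *x509.Certificate, leafKey *ecdsa.PrivateKey) {
	rootKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	leafKey, _ = ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	now := time.Now()
	rootTmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Demo Root CA"}, IsCA: true,
		BasicConstraintsValid: true, NotBefore: now, NotAfter: now.AddDate(10, 0, 0), KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign}
	root = issue(rootTmpl, rootTmpl, &rootKey.PublicKey, rootKey)
	leaf = issue(&x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "Alice Demo"}, NotBefore: now,
		NotAfter: now.AddDate(1, 0, 0), KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageContentCommitment}, root, &leafKey.PublicKey, rootKey)
	return root, leaf, leafKey
}
// SignDocument is steps 1 and 2 of the article: SHA-256 hash the document, then sign the digest with the private key.
func SignDocument(doc []byte, key *ecdsa.PrivateKey) ([]byte, error) {
	digest := sha256.Sum256(doc)
	return ecdsa.SignASN1(rand.Reader, key, digest[:])
}
// VerifyDocument is step 4: chain the signer's certificate to the trusted root, check its key usage, then rehash and verify.
func VerifyDocument(doc, sig []byte, leaf, root *x509.Certificate) bool {
	roots := x509.NewCertPool()
	roots.AddCert(root)
	if _, err := leaf.Verify(x509.VerifyOptions{Roots: roots}); err != nil || leaf.KeyUsage&x509.KeyUsageDigitalSignature == 0 {
		return false // untrusted chain, expired certificate, or certificate not authorised for signing
	}
	digest := sha256.Sum256(doc)
	return ecdsa.VerifyASN1(leaf.PublicKey.(*ecdsa.PublicKey), digest[:], sig)
}
```

VerifyDocument rejects a correct signature whenever the signer's certificate does not chain to the verifier's trusted root, which is the check that distinguishes a PKI-backed signature from a bare key pair.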

The Three Levels of eIDAS Signatures and Their Relationship to PKI

The eIDAS regulation distinguishes three levels of electronic signature, each involving varying degrees of reliance on PKI:

  • Simple Electronic Signature (SES): not necessarily based on a PKI. Limited probative value.
  • Advanced Electronic Signature (AdES): must necessarily be based on a key pair and a certificate linked to the signer. Standardised technical formats by ETSI: XAdES, PAdES, CAdES.
  • Qualified Electronic Signature (QES): the highest level, legally equivalent to a handwritten signature throughout the EU. Requires a qualified certificate issued by a trusted CA listed on the Trusted List and a QSCD. This is the full deployment of a qualified PKI.

For businesses wishing to deploy qualified signatures at scale, our guide on electronic signature in enterprise details the steps for operational implementation.

Qualified Timestamping: The Temporal Dimension of PKI

PKI is not limited to identity: it also guarantees the temporal dimension of acts through qualified timestamping (RFC 3161). A trusted timestamping service (TSA) issues a cryptographic token certifying that a document existed in its current form at a specific instant. This is crucial for long-term preservation of evidence and compliance with legal documentation retention obligations (art. L.110-4 Commercial Code: 5 years for commercial acts; art. 2224 Civil Code: 5 years for contractual obligations under common law).

---

PKI and Long-Term Trust: The Challenge of Evidence Preservation

A signature that is valid today may become unverifiable in 10 years if the cryptographic algorithms used have become obsolete or if certificates have expired. PKI addresses this challenge through signature formats designed for long-term evidential value.

Long-Duration AdES Formats

ETSI has defined extended signature profiles — XAdES-LTA, PAdES-LTA, CAdES-LTA — which encapsulate within the signed file all the evidence necessary for future verification: complete certificate chains, archived OCSP responses, multiple timestamps. These formats comply with the ETSI EN 319 132 standard (XAdES) and ETSI EN 319 122 (CAdES).

Cryptographic Migration in the Face of Quantum Computing

The emergence of quantum computing represents a medium-term threat to current RSA and ECDSA algorithms. The US NIST finalised its first post-quantum cryptography standards in 2024 (CRYSTALS-Dilithium for signatures). ANSSI and ENISA are working on migration roadmaps that should materialise in the revisions of the eIDAS standard around 2028-2030. Companies relying on well-managed PKI will be better positioned for this transition, as updating certification authorities is easier than overhauling custom cryptographic systems.

For those evaluating their current solution, Certyneo's electronic signature ROI calculator allows you to quantify the gains associated with an industrialised PKI infrastructure.

---

The Legal Framework Governing PKI

The public key infrastructure is not just a technical system: it is part of a dense European and national legal framework, the mastery of which is essential for any organisation wishing to rely on electronic signature in its legal acts.

Regulation eIDAS No 910/2014 and Its Evolution

Adopted on 23 July 2014 and applicable since 1 July 2016, Regulation (EU) No 910/2014 (eIDAS) is the founding text of digital trust in Europe. It defines the requirements applicable to qualified trust service providers (QTSPs), qualified certificates and QSCDs. Its Article 26 sets conditions for advanced signatures; Article 28 defines qualified certificates for electronic signature; its Annex I details the requirements for these certificates — directly derived from the X.509 format.

eIDAS 2.0 (Regulation EU No 1183/2024, published in the Official Journal on 30 April 2024) strengthens this framework by requiring Member States to recognise the European Digital Identity Wallet (EUDIW) and by extending recognition obligations to private service providers in specified sectors.

French Civil Code: Probative Value of Electronic Signature

Under French law, Articles 1366 and 1367 of the Civil Code (arising from Ordinance No 2016-131 of 10 February 2016) confer on electronic signature the same value as handwritten signature, provided it meets the requirements of signer identification and document integrity. The presumption of reliability applies when the signature is created according to a qualified procedure under eIDAS — that is, based on qualified PKI.

Article 1368 provides that the terms for establishing this reliability are set by decree of the Council of State, namely Decree No 2017-1416 of 28 September 2017 on electronic signature.

ETSI Standards Applicable to PKI

  • ETSI EN 319 401: general requirements for trust service providers.
  • ETSI EN 319 411-1 and -2: requirements for CAs issuing qualified certificates.
  • ETSI EN 319 132: XAdES specifications for advanced XML signatures.
  • ETSI EN 319 122: CAdES specifications.
  • ETSI EN 319 162: preservation and timestamping services.

GDPR and Personal Data in PKI

X.509 certificates contain personal data (name, surname, email, sometimes national registry number). Their processing is subject to Regulation (EU) No 2016/679 (GDPR). CAs must in particular define a compliant retention period, inform holders and guarantee the exercise of their rights. Certificate revocation on request of the holder constitutes a practical way of exercising the right to erasure (within the limits of the obligation to retain evidence).

Poorly managed PKI exposes the company to serious risks: contestation of the probative value of signatures in the event of expired or revoked certificates, inability to verify a signature in the long term in the absence of LTA formats, and potential civil liability in the event of private key compromise. Article 13 of eIDAS provides that a qualified TSP is presumed liable for breaches of its obligations unless it proves otherwise.

Use Cases: PKI in Action in Enterprises

Scenario 1 — A 25-person Corporate Law Firm

A firm specialising in mergers and acquisitions manages on average 150 structured transactions per year, each requiring the signing of dozens of documents (protocols, shareholders' agreements, asset and liability warranties). Previously, the time spent collecting physical signatures extended closings by 5 to 8 business days on average.

By deploying a qualified signature solution backed by qualified PKI, the firm assigns to each authorised partner and employee a qualified X.509 certificate on QSCD. Each signature is automatically verified (OCSP), timestamped and archived in PAdES-LTA format. Result: the closing delay drops to under 24 hours for the signature phase, and maximum probative value is assured without additional steps. Law firms of this size report an average 70% reduction in administrative time linked to signatures, according to sector benchmarks (French Bar Association for Business Law, 2025).

Scenario 2 — An SME Managing 300 Supplier Contracts Per Year

A mid-sized manufacturing company (approximately 250 employees) concludes framework agreements, amendments and binding purchase orders with about a hundred European suppliers. Geographic dispersion and language barriers made document management particularly heavy.

By integrating an advanced electronic signature workflow (AdES) via an API connected to its ERP, the PKI automatically handles verification of supplier signatories' certificates (against the eIDAS Trusted List of each Member State), timestamping and assembly of the evidence file. The legal department notes a 60% reduction in follow-ups for signature collection and a decrease in contractual disputes related to disagreement over the signed version of the document. The cost per signature falls from €12 (printing, mailing, physical filing) to less than €1.50 in digital flow, consistent with ranges published by Markess by Exaegis in its 2025 panorama of document management.

Scenario 3 — A Public Hospital Group of About 1,200 Beds

In the healthcare sector, administrative acts and public contracts must meet the requirements of the Public Procurement Code and ANSSI recommendations regarding sensitive IT security. A hospital group managing several facilities must sign hundreds of contracts, amendments and employment agreements each year.

Adoption of an internal PKI (CA dedicated to agents, certificates on CPS cards for medical staff) combined with a SaaS signature solution for administrative acts allows meeting the requirements of the NIS2 Directive (transposed into French law by Law No 2024-449 of 21 May 2024) requiring risk management measures for cybersecurity. Complete traceability of signatures, real-time verification of certificates and LTA preservation of signed documents reduce the risk of contestation of administrative acts and facilitate audits by the Regional Audit Office. Healthcare establishments in the sector generally see a 40 to 50% reduction in paper volume processed for HR alone, according to ANAP data (National Agency for Performance Support, 2024 report).

Conclusion

PKI — Public Key Infrastructure — is far more than a technical system: it is the cryptographic and legal guarantor of trust in your digital exchanges. Its components (CA, X.509 certificates, OCSP, qualified timestamping) form a coherent ecosystem that assures the authenticity, integrity and non-repudiation of your electronic signatures, in full compliance with the eIDAS regulation and the French Civil Code. Whether you are an SME, a law firm or a public institution, mastering the foundations of PKI allows you to choose the signature solution adapted to your real issues — and to defend its probative value in the event of dispute.

Certyneo relies on qualified eIDAS-compliant PKI to deliver advanced and qualified electronic signatures to businesses. Create your account for free or discover our pricing to start your document transformation today.
