PKI: Public Key Infrastructure Explained
PKI is the cryptographic foundation of any reliable electronic signature. Discover how it works, its components, and its connection to X.509 certificates and the eIDAS regulation.
Certyneo editorial team
Writer, Certyneo
Introduction: Why PKI is at the Heart of Digital Trust
In a world where millions of contracts are signed online every day, a fundamental question arises: how can you be certain that the person signing is indeed who they claim to be, and that the document has not been altered after signing? The answer lies in three letters: PKI (Public Key Infrastructure, or infrastructure à clés publiques in French). This cryptographic system constitutes the technical foundation of any qualified electronic signature in accordance with the eIDAS regulation. In this article, we explain in detail how PKI works, its essential components — including X.509 certificates — and how it guarantees the authenticity, integrity, and non-repudiation of your digital legal acts.
---
What is PKI? Definition and Fundamental Principles
PKI (Public Key Infrastructure) refers to a set of policies, procedures, hardware, software, and people necessary to create, manage, distribute, use, store, and revoke digital certificates. It is based on asymmetric cryptography, that is, the use of a pair of mathematically linked keys: a private key (secret) and a public key (freely shareable).
The Principle of Asymmetric Key Pairs
When a signatory applies their electronic signature to a document, they use their private key to generate a unique cryptographic fingerprint of the file (a hash). This fingerprint, encrypted with the private key, constitutes the digital signature. Any third party can then verify the authenticity of this signature by using the signatory's corresponding public key. If the verification succeeds, two guarantees are established:
- Authenticity: only the holder of the private key could have produced this signature.
- Integrity: the document has not been modified since signing.
The RSA algorithm (Rivest-Shamir-Adleman) remains the most widespread, with keys of 2,048 or 4,096 bits. Elliptic curve algorithms (ECDSA) are gaining ground for their performance at equivalent security levels.
The Trust Problem and the PKI Response
Asymmetric cryptography solves the integrity problem but immediately raises another question: how do you know that the public key actually belongs to the person it claims to represent? This is precisely where PKI comes in. It introduces a trusted third party — the Certification Authority (CA) — which verifies the identity of the public key holder and issues a digital certificate guaranteeing this association.
---
Essential Components of a PKI
An operational public key infrastructure is built around several interdependent components. Understanding their respective roles is essential to assess the robustness of an electronic signature solution.
The Certification Authority (CA)
The Certification Authority is the central entity of the PKI. It digitally signs the certificates it issues, thereby linking a verified identity to a public key. In Europe, qualified CAs are listed on national trust lists (Trusted Lists), published in accordance with Article 22 of the eIDAS regulation. In France, it is the ANSSI that maintains this list. Providers such as CertEurope, Certinomis, or Certigna are listed there.
The certification hierarchy forms a trust chain: a root CA (Root CA) signs intermediate CAs, which in turn sign certificates for end users. This architecture makes it possible to limit the exposure of the root key (stored offline in an HSM) and to manage revocations on a granular basis.
The Registration Authority (RA)
The Registration Authority is responsible for verifying the identity of applicants before the CA issues a certificate. This verification can be:
- Face-to-face (required for qualified certificates under eIDAS).
- Remotely, via video identification compliant with the ETSI EN 319 401 standard.
- Via an eKYC process (electronic Know Your Customer) for intermediate levels of assurance.
X.509 Digital Certificates
The X.509 format is the international standard defining the structure of digital certificates in a PKI. Defined by the ITU-T and adopted by the IETF via RFC 5280, an X.509 certificate contains in particular:
- The identity of the holder (name, organisation, email).
- The public key of the holder.
- The identity and signature of the issuing CA.
- The validity period of the certificate.
- The unique serial number.
- Extensions: authorised uses (code signing, authentication, document signing), CRL distribution points, OCSP URLs.
In the context of qualified electronic signature under eIDAS, qualified X.509 certificates must be issued on a qualified signature creation device (QSCD), typically a smart card or HSM (Hardware Security Module).
The Revocation Mechanism: CRL and OCSP
A certificate may become invalid before its expiration: loss of the private key, compromise, change in the status of the holder. Two mechanisms allow a certificate's current status to be checked at verification time:
- CRL (Certificate Revocation List): a signed list, published periodically by the CA, of the certificates it has revoked.
- OCSP (Online Certificate Status Protocol, RFC 6960): a query/response protocol that returns the current status of a single certificate on demand. Preferred in high-frequency transaction environments.
Serious electronic signature solutions, such as those described in our comparison of electronic signature solutions, systematically integrate these checks into their signing workflow.
---
How PKI Concretely Secures Electronic Signature
Understanding the technical journey of an electronic signature based on PKI allows you to measure the level of assurance offered.
The Signing Process Step by Step
- Document Hashing: a hashing algorithm (SHA-256 or SHA-3 according to ANSSI 2026 recommendations) produces a unique digital fingerprint of the document.
- Encryption of the Fingerprint: the signatory encrypts this fingerprint with their private key (stored in their QSCD). This operation takes place inside the secure device, so the private key never leaves it.
- Creation of the Signature Package: the encrypted signature is associated with the document, accompanied by the signatory's X.509 certificate and a qualified timestamp.
- Verification on the Recipient's Side: the recipient (or their software solution) decrypts the fingerprint with the signatory's public key, recalculates the hash of the received document, and compares the two. If the fingerprints are identical, the signature is valid, provided the signatory's certificate chains to a trusted CA and has not been revoked (the checks described above).
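The key-pair principle, the X.509 certificate fields, and the four signing steps above, as an added example written for this article (not Certyneo code) in Go using only the standard library. The root CA, the signatory "Alice Dupont", the serial numbers and the validity periods are constructed for the demonstration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"math/big"
	"time"
)

// NewDemoPKI plays the CA: a self-signed root issues the signatory's X.509 certificate (names are constructed).
func NewDemoPKI() (root, leaf *x509.Certificate, rootKey, leafKey *ecdsa.PrivateKey, err error) {
	rootKey, _ = ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	leafKey, _ = ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	root = &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Demo Root CA"}, IsCA: true,
		BasicConstraintsValid: true, NotBefore: time.Now(), NotAfter: time.Now().AddDate(10, 0, 0), KeyUsage: x509.KeyUsageCertSign}
	der, err := x509.CreateCertificate(rand.Reader, root, root, &rootKey.PublicKey, rootKey)
	if err != nil {
		return
	}
	root, _ = x509.ParseCertificate(der) // chain to the issued form (it carries the SubjectKeyId), not the template
	// Holder identity, public key, validity, serial and key usage: the fields listed in the article.
	leaf = &x509.Certificate{SerialNumber: big.NewInt(42), Subject: pkix.Name{CommonName: "Alice Dupont"}, NotBefore: time.Now(),
		NotAfter: time.Now().AddDate(1, 0, 0), KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageContentCommitment} // nonRepudiation
	if der, err = x509.CreateCertificate(rand.Reader, leaf, root, &leafKey.PublicKey, rootKey); err != nil {
		return
	}
	leaf, err = x509.ParseCertificate(der)
	return
}

// SignDocument is steps 1-2 of the article: SHA-256 fingerprint of the file, then an ECDSA signature over it.
func SignDocument(doc []byte, key *ecdsa.PrivateKey) ([]byte, error) {
	h := sha256.Sum256(doc)
	return ecdsa.SignASN1(rand.Reader, key, h[:])
}

// VerifyDocument is step 4 done the PKI way: trust chain first, then key usage, then the fingerprint comparison.
func VerifyDocument(doc, sig []byte, signer *x509.Certificate, roots *x509.CertPool) error {
	if _, err := signer.Verify(x509.VerifyOptions{Roots: roots}); err != nil {
		return err // unknown issuer, expired certificate or broken chain
	}
	if signer.KeyUsage&x509.KeyUsageDigitalSignature == 0 {
		return errors.New("certificate not authorised for digital signature")
	}
	h := sha256.Sum256(doc) // recompute the fingerprint of the received file
	if !ecdsa.VerifyASN1(signer.PublicKey.(*ecdsa.PublicKey), h[:], sig) {
		return errors.New("signature does not match document fingerprint")
	}
	return nil
}
```

Revocation checking (CRL/OCSP) and the qualified timestamp of step 3 are not implemented here; the verifier covers only the chain, the key usage and the fingerprint comparison.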
The Three Levels of eIDAS Signature and Their Relationship to PKI
The eIDAS regulation distinguishes three levels of electronic signature, each involving a more or less deep reliance on PKI:
- Simple Electronic Signature (SES): not necessarily based on PKI. Limited probative value.
- Advanced Electronic Signature (AdES): necessarily relies on a key pair and a certificate linked to the signatory. Technical formats standardised by ETSI: XAdES, PAdES, CAdES.
- Qualified Electronic Signature (QES): the highest level, legally equivalent to a handwritten signature throughout the EU. Requires a qualified certificate issued by a trusted CA listed on the Trusted List and a QSCD. This is the full deployment of qualified PKI.
For companies wishing to deploy qualified signatures at scale, our guide on electronic signature in business details the steps of operational implementation.
Qualified Timestamp: the Temporal Dimension of PKI
PKI is not limited to identity: it also guarantees the temporal dimension of acts via qualified timestamps (RFC 3161). A trusted timestamping authority (TSA) issues a cryptographic token certifying that a document existed in its current form at a specific instant. This is crucial for long-term preservation of evidence and compliance with legal obligations to retain documentation (Article L.110-4 French Commercial Code: 5 years for commercial acts; Article 2224 French Civil Code: 5 years for contractual obligations under common law).
---
PKI and Long-Term Trust: The Challenge of Evidence Preservation
A signature that is valid today may become unverifiable in 10 years if the cryptographic algorithms used have become obsolete or if certificates have expired. PKI addresses this challenge through signature formats with long-term probative value.
Long-Lived AdES Formats
ETSI has defined extended signature profiles — XAdES-LTA, PAdES-LTA, CAdES-LTA — which encapsulate in the signed file all the evidence necessary for future verification: complete certificate chains, archived OCSP responses, multiple timestamps. These formats comply with the ETSI EN 319 132 standard (XAdES) and ETSI EN 319 122 (CAdES).
Cryptographic Migration Facing Quantum Computing
The emergence of quantum computing represents a medium-term threat to current RSA and ECDSA algorithms. The American NIST finalised its first post-quantum cryptography standards in 2024 (CRYSTALS-Dilithium for signatures). ANSSI and ENISA are working on migration roadmaps that should materialise in revisions of the eIDAS standard around 2028-2030. Companies relying on a well-managed PKI will be better positioned for this transition, as updating certification authorities is easier than reworking ad hoc cryptographic systems.
For those evaluating their current solution, Certyneo's electronic signature ROI calculator allows you to objectify the gains associated with an industrialised PKI infrastructure.
Legal Framework Applicable to PKI and Electronic Signature
The public key infrastructure is not just a technical device: it is part of a dense European and national legal framework, whose mastery is essential for any organisation wishing to rely on electronic signature in its legal acts.
The eIDAS Regulation No. 910/2014 and Its Evolution
Adopted on 23 July 2014 and applicable since 1 July 2016, Regulation (EU) No. 910/2014 (eIDAS) constitutes the founding text for digital trust in Europe. It defines the requirements applicable to qualified trust service providers (QTSP), qualified certificates, and QSCD devices. Its Article 26 sets the conditions for advanced signature; its Article 28 defines qualified certificates for electronic signature; its Annex I details the requirements of these certificates — directly derived from the X.509 format.
The eIDAS 2.0 Regulation (Regulation (EU) 2024/1183, published in the OJEU on 30 April 2024) strengthens this framework, notably by requiring Member States to recognise the European Digital Identity Wallet (EUDIW) and by extending recognition obligations to private service providers in designated sectors.
French Civil Code: Probative Value of Electronic Signature
Under French law, Articles 1366 and 1367 of the Civil Code (stemming from Ordinance No. 2016-131 of 10 February 2016) confer on electronic signature the same value as handwritten signature, provided it meets the requirements of identifying the signatory and the integrity of the document. The presumption of reliability applies when the signature is created according to a process qualified under eIDAS — that is, based on a qualified PKI.
Article 1368 provides that the procedures for establishing this reliability are set by a décret en Conseil d'État, namely Decree No. 2017-1416 of 28 September 2017 relating to electronic signature.
ETSI Standards Applicable to PKI
- ETSI EN 319 401: general requirements for trust service providers.
- ETSI EN 319 411-1 and -2: requirements for CAs issuing qualified certificates.
- ETSI EN 319 132: XAdES specifications for advanced XML signatures.
- ETSI EN 319 122: CAdES specifications.
- ETSI EN 319 162: preservation and timestamping services.
GDPR and Personal Data in PKI
X.509 certificates contain personal data (name, surname, email, sometimes national registration number). Their processing is subject to Regulation (EU) No. 2016/679 (GDPR). CAs must in particular define a compliant retention period, inform the holders, and guarantee the exercise of their rights. The revocation of a certificate on request from the holder constitutes a practical way of exercising the right to erasure (within the limits of the obligation to preserve evidence).
Liability and Legal Risks
A poorly managed PKI exposes the company to serious risks: contestation of the probative value of signatures in the event of expired or revoked certificates, inability to verify a signature in the long term in the absence of LTA formats, and potential civil liability in the event of compromise of private keys. Article 13 of eIDAS provides that a qualified trust service provider (QTSP) is liable for damage caused by a breach of its obligations unless it proves the contrary (the burden of proof is reversed).
Use Cases: PKI in Action in Companies
Scenario 1 — A Business Law Firm with 25 Collaborators
A firm specialising in mergers and acquisitions manages on average 150 structured transactions per year, each requiring the signature of several dozen documents (protocols, shareholders' agreements, guarantees of assets and liabilities). Previously, the time required to collect physical signatures extended closings by 5 to 8 working days on average.
By deploying a qualified signature solution based on qualified PKI, the firm assigns each partner and authorised collaborator an X.509 qualified certificate on QSCD. Each signature is automatically verified (OCSP), timestamped, and archived in PAdES-LTA format. Result: the closing time for the signing phase falls to less than 24 hours, and maximum probative value is assured without any additional steps. Law firms of this size report an average reduction of 70% of administrative time related to signatures, according to sector benchmarks (National Federation of Business Lawyers, 2025).
Scenario 2 — An SME Managing 300 Supplier Contracts Per Year
A mid-sized manufacturing company (approximately 250 employees) concludes framework contracts, amendments, and binding purchase orders with around a hundred European suppliers. Geographic dispersion and language barriers made document management particularly cumbersome.
By integrating an advanced electronic signature workflow (AdES) via an API connected to its ERP, the PKI automatically manages verification of signatories' certificates on the supplier side (via the eIDAS Trusted Lists of each Member State), timestamping, and the constitution of evidence files. The legal department observes a 60% reduction in follow-ups for signature collection and a decrease in contractual disputes related to disagreements over the signed version of the document. The cost per signature drops from €12 (printing, sending, physical archiving) to less than €1.50 in digital flow, in line with the ranges published by Markess by Exaegis in its 2025 panorama of document management.
Scenario 3 — A Public Hospital Group with Approximately 1,200 Beds
In the healthcare public sector, administrative acts and public contracts must meet the requirements of the Public Procurement Code and ANSSI's recommendations on the security of sensitive IT systems. A hospital group managing several establishments must sign hundreds of contracts, amendments, and employment contracts each year.
The adoption of an internal PKI (CA dedicated to agents, certificates on CPS cards for medical staff) coupled with a SaaS signature solution for administrative acts allows compliance with NIS2 Directive requirements (transposed into French law by Law No. 2024-449 of 21 May 2024) imposing cybersecurity risk management measures. Complete traceability of signatures, real-time certificate verification, and LTA preservation of signed documents reduce the risk of contestation of administrative acts and facilitate audits by the Regional Court of Accounts. Institutions in the sector generally see a 40 to 50% reduction in the volume of paper processed for HR alone, according to ANAP data (National Agency for Performance Support, 2024 report).
Conclusion
PKI — public key infrastructure — is far more than a technical device: it is the cryptographic and legal guarantor of trust in your digital exchanges. Its components (CA, X.509 certificates, OCSP, qualified timestamp) form a coherent ecosystem that ensures the authenticity, integrity, and non-repudiation of your electronic signatures, in full compliance with the eIDAS regulation and French Civil Code. Whether you are an SME, a law firm, or a public institution, mastering the fundamentals of PKI allows you to choose the signature solution suited to your real needs — and to defend its probative value in case of dispute.
Certyneo relies on a qualified PKI compliant with eIDAS to deliver advanced and qualified electronic signatures to companies. Create your account for free or discover our pricing to start your document transformation today.