PKI: Public Key Infrastructure Explained
PKI is the cryptographic foundation of any reliable electronic signature. Discover how it works, its components, and its connection to X.509 certificates and the eIDAS regulation.
Certyneo Editorial Team
Writer — Certyneo · About Certyneo
Introduction: Why PKI is at the Heart of Digital Trust
In a world where millions of contracts are signed online every day, a fundamental question arises: how can you be certain that the person signing is who they claim to be, and that the document has not been altered after signature? The answer lies in three letters: PKI (Public Key Infrastructure). This cryptographic system forms the technical foundation of all qualified electronic signatures compliant with the eIDAS regulation. In this article, we explain in detail how PKI works, its essential components — including X.509 certificates — and how it guarantees the authenticity, integrity and non-repudiation of your digital legal acts.
---
What is PKI? Definition and Fundamental Principles
PKI (Public Key Infrastructure) refers to a set of policies, procedures, hardware, software and people necessary to create, manage, distribute, use, store and revoke digital certificates. It is based on asymmetric cryptography, that is, the use of a mathematically linked pair of keys: a private key (secret) and a public key (freely shareable).
The Principle of Asymmetric Key Pairs
When a signer applies their electronic signature to a document, a unique cryptographic fingerprint of the file (a hash) is first computed; the signer then applies their private key to this fingerprint. The result, commonly described as the fingerprint "encrypted" with the private key, is the digital signature. Any third party can then verify the authenticity of this signature by using the signer's corresponding public key. If the verification succeeds, two guarantees are established:
- Authenticity: only the holder of the private key could have produced this signature.
- Integrity: the document has not been modified since signing.
The RSA algorithm (Rivest-Shamir-Adleman) remains the most common, with key sizes of 2,048 or 4,096 bits. Elliptic curve algorithms (ECDSA) are gaining ground for their performance at equivalent security levels.
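To make the two guarantees concrete, here is an added example in Go (not code from the original article or from Certyneo), using the standard library's ECDSA P-256 implementation, the elliptic-curve option named above. The contract text and the names of the two signers are constructed for the demonstration. It hashes a document with SHA-256, signs the digest with a private key, verifies it with the matching public key, and shows that both a one-character change to the document and a signature produced with a different key are rejected.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Signer holds the mathematically linked pair: the private key never leaves the
// signer, the public half is shared with anyone who has to verify.
type Signer struct {
	priv *ecdsa.PrivateKey
}

// NewSigner generates an ECDSA P-256 key pair, the elliptic-curve option named in
// the text. An RSA-2048 pair would be used the same way with rsa.SignPSS/VerifyPSS.
func NewSigner() (*Signer, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Signer{priv: priv}, nil
}

// Public returns the shareable half of the pair.
func (s *Signer) Public() *ecdsa.PublicKey { return &s.priv.PublicKey }

// Sign computes the SHA-256 fingerprint of the document and signs that digest
// with the private key; the result is the digital signature.
func (s *Signer) Sign(document []byte) ([]byte, error) {
	digest := sha256.Sum256(document)
	return ecdsa.SignASN1(rand.Reader, s.priv, digest[:])
}

// Verify recomputes the fingerprint of the received bytes and checks the
// signature against the public key. true establishes both authenticity (only
// the private-key holder could have produced it) and integrity (unchanged bytes).
func Verify(pub *ecdsa.PublicKey, document, signature []byte) bool {
	digest := sha256.Sum256(document)
	return ecdsa.VerifyASN1(pub, digest[:], signature)
}

func main() {
	contract := []byte("Share purchase agreement, price EUR 1,000,000") // constructed sample
	alice, _ := NewSigner()
	someoneElse, _ := NewSigner()

	sig, _ := alice.Sign(contract)
	fmt.Println("genuine signature verifies:", Verify(alice.Public(), contract, sig))

	// Integrity: a single changed character in the document breaks the check.
	altered := []byte("Share purchase agreement, price EUR 1,000,001")
	fmt.Println("altered document verifies:", Verify(alice.Public(), altered, sig))

	// Authenticity: a signature made with any other private key fails under Alice's public key.
	otherSig, _ := someoneElse.Sign(contract)
	fmt.Println("other key's signature verifies:", Verify(alice.Public(), contract, otherSig))
}
```

Note that Verify is a free function taking only the public key: the verifier never needs, and must never be given, the private key. What the verifier still lacks at this point is proof of whose public key this is, which is the gap the CA and the X.509 certificate close.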
The Trust Problem and PKI's Solution
Asymmetric cryptography solves the integrity problem but immediately raises another question: how do you know that the public key really belongs to the person it claims to represent? This is precisely where PKI comes in. It introduces a trusted third party — the Certification Authority (CA) — which verifies the identity of the public key holder and issues a digital certificate guaranteeing this association.
---
The Essential Components of a PKI
An operational public key infrastructure revolves around several interdependent components. Understanding their respective roles is essential for assessing the robustness of an electronic signature solution.
The Certification Authority (CA)
The Certification Authority is the central entity of the PKI. It digitally signs the certificates it issues, thus linking a verified identity to a public key. In Europe, qualified CAs are listed on national trust lists, published in accordance with Article 22 of the eIDAS regulation. In France, the ANSSI maintains this list. Providers such as CertEurope, Certinomis or Certigna are listed there.
The certification hierarchy forms a chain of trust: a root CA signs intermediate CAs, which in turn sign the certificates of end users. This architecture limits exposure of the root key (stored offline in an HSM) and allows revocations to be managed at a granular level.
The Registration Authority (RA)
The Registration Authority is responsible for verifying the identity of applicants before the CA issues a certificate. This verification may be:
- Face-to-face (required for qualified certificates under eIDAS).
- Remote via video identification compliant with ETSI EN 319 401 standards.
- Via an eKYC process (electronic Know Your Customer) for intermediate confidence levels.
X.509 Digital Certificates
The X.509 format is the international standard defining the structure of digital certificates in a PKI. Defined by the ITU-T and adopted by the IETF via RFC 5280, an X.509 certificate contains notably:
- The identity of the certificate holder (name, organization, e-mail).
- The certificate holder's public key.
- The identity and signature of the issuing CA.
- The validity period of the certificate.
- The unique serial number.
- Extensions: authorized uses (code signing, authentication, document signature), CRL distribution points, OCSP URL.
For qualified electronic signatures under eIDAS, qualified X.509 certificates must be backed by a private key held on a qualified signature creation device (QSCD), typically a smart card or HSM (Hardware Security Module).
The Revocation Mechanism: CRL and OCSP
A certificate may become invalid before its expiration: loss of the private key, compromise, change in the holder's status. Two mechanisms let a verifier check a certificate's current status before relying on it:
- CRL (Certificate Revocation List): a list, signed and published periodically by the CA, of the certificates it has revoked.
- OCSP (Online Certificate Status Protocol, RFC 6960): a protocol that returns the status of a single certificate on request, giving a near-real-time answer. Preferred in high-frequency transaction environments.
Serious electronic signature solutions, such as those described in our comparison of electronic signature solutions, systematically integrate these checks into their signature flow.
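The CA hierarchy, the X.509 fields listed above and the CRL check can be exercised end to end with Go's standard crypto/x509 package. The following is an added example, not code from the article or from any of the CAs named: it builds a root CA, an issuing (intermediate) CA and an end-user certificate, verifies the chain at a given time, then has the issuing CA publish a CRL revoking the end-user certificate and shows the verifier rejecting it. All names, serial numbers and the crl/ocsp URLs under example.invalid are constructed placeholders. OCSP is not in the Go standard library and is not shown; the CRL path illustrates the same decision a relying party must make.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// must panics on error: acceptable in a demonstration, not in production code.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

func newKey() *ecdsa.PrivateKey { return must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)) }

// PKI holds the hierarchy from the text: an offline root CA signs an issuing CA, which signs end-user certificates and publishes their CRL.
type PKI struct {
	Root, Inter, Leaf          *x509.Certificate
	rootKey, interKey, LeafKey *ecdsa.PrivateKey
}

// issue is the CA act itself: parentKey signs tmpl, binding the subject to pub. A nil parent means self-signed.
func issue(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, parentKey *ecdsa.PrivateKey) *x509.Certificate {
	if parent == nil {
		parent = tmpl
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey))
	return must(x509.ParseCertificate(der))
}

// Build creates the root -> issuing CA -> end-user chain. Names, serials and URLs are constructed placeholders.
func Build(now time.Time) *PKI {
	p := &PKI{rootKey: newKey(), interKey: newKey(), LeafKey: newKey()}
	caUsage := x509.KeyUsageCertSign | x509.KeyUsageCRLSign
	p.Root = issue(&x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example Root CA"},
		NotBefore: now, NotAfter: now.AddDate(20, 0, 0), IsCA: true, BasicConstraintsValid: true, KeyUsage: caUsage,
	}, nil, &p.rootKey.PublicKey, p.rootKey)
	p.Inter = issue(&x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "Example Issuing CA"},
		NotBefore: now, NotAfter: now.AddDate(10, 0, 0), IsCA: true, BasicConstraintsValid: true, KeyUsage: caUsage,
	}, p.Root, &p.interKey.PublicKey, p.rootKey)
	p.Leaf = issue(&x509.Certificate{ // holder identity, validity period, serial and the extensions the text lists
		SerialNumber:          big.NewInt(1001),
		Subject:               pkix.Name{CommonName: "Jane Doe", Organization: []string{"Example SAS"}},
		EmailAddresses:        []string{"jane.doe@example.invalid"},
		NotBefore:             now, NotAfter: now.AddDate(3, 0, 0),
		KeyUsage:              x509.KeyUsageDigitalSignature | x509.KeyUsageContentCommitment, // non-repudiation
		CRLDistributionPoints: []string{"http://crl.example.invalid/issuing.crl"},
		OCSPServer:            []string{"http://ocsp.example.invalid"},
	}, p.Inter, &p.LeafKey.PublicKey, p.interKey)
	return p
}

// RevokeLeaf has the issuing CA publish a signed CRL listing the leaf's serial number.
func (p *PKI) RevokeLeaf(at time.Time) ([]byte, error) {
	return x509.CreateRevocationList(rand.Reader, &x509.RevocationList{
		Number: big.NewInt(1), ThisUpdate: at, NextUpdate: at.Add(24 * time.Hour),
		RevokedCertificates: []pkix.RevokedCertificate{{SerialNumber: p.Leaf.SerialNumber, RevocationTime: at}},
	}, p.Inter, p.interKey)
}

// VerifyLeaf does what a relying party does: chain the leaf to the trusted root through the intermediate,
// check validity at "at", then consult the CRL (when supplied) after confirming the CRL is signed by the issuing CA.
func (p *PKI) VerifyLeaf(at time.Time, crlDER []byte) error {
	roots, inters := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(p.Root)
	inters.AddCert(p.Inter)
	opts := x509.VerifyOptions{Roots: roots, Intermediates: inters, CurrentTime: at, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := p.Leaf.Verify(opts); err != nil {
		return err
	}
	if crlDER == nil {
		return nil
	}
	crl, err := x509.ParseRevocationList(crlDER)
	if err != nil {
		return err
	}
	if err := crl.CheckSignatureFrom(p.Inter); err != nil {
		return fmt.Errorf("untrusted CRL: %w", err)
	}
	for _, rc := range crl.RevokedCertificates { // Go 1.21+ also exposes RevokedCertificateEntries
		if rc.SerialNumber.Cmp(p.Leaf.SerialNumber) == 0 {
			return fmt.Errorf("certificate %v revoked at %s", rc.SerialNumber, rc.RevocationTime.UTC())
		}
	}
	return nil
}

func main() {
	now := time.Now()
	p := Build(now)
	fmt.Printf("leaf %v: %s, issued by %s\n", p.Leaf.SerialNumber, p.Leaf.Subject.CommonName, p.Leaf.Issuer.CommonName)
	fmt.Println("valid today:", p.VerifyLeaf(now, nil), "| valid in 4 years:", p.VerifyLeaf(now.AddDate(4, 0, 0), nil))
	fmt.Println("after revocation:", p.VerifyLeaf(now, must(p.RevokeLeaf(now))))
}
```

Two design points matter for a verifier. First, the CRL is only consulted after its own signature has been checked against the issuing CA: an unsigned or foreign revocation list proves nothing. Second, the root key is used exactly once, to sign the issuing CA, which is what allows it to stay offline in an HSM as the text describes.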
---
How PKI Concretely Secures Electronic Signature
Understanding the technical journey of an electronic signature backed by a PKI allows you to measure the level of guarantee offered.
The Step-by-Step Signature Process
- Document hashing: a hash algorithm (SHA-256 or SHA-3 according to ANSSI 2026 recommendations) produces a unique digital fingerprint of the document.
- Signing the fingerprint: the signer applies their private key (stored in their QSCD) to this fingerprint, an operation commonly described as "encrypting" the hash. The private key never leaves the secure device; the signing operation is performed inside it.
- Signature packet creation: the signature is associated with the document, accompanied by the signer's X.509 certificate and a qualified timestamp.
- Verification on the recipient's side: the recipient (or their software solution) checks the signature against the signer's public key, recalculates the hash of the received document and compares the two fingerprints. If they are identical, the signature is valid.
The Three Levels of eIDAS Signatures and Their Relationship to PKI
The eIDAS regulation distinguishes three levels of electronic signature, each involving more or less extensive use of PKI:
- Simple electronic signature (SES): not necessarily supported by a PKI. Limited evidential value.
- Advanced electronic signature (AdES): necessarily based on a key pair and a certificate linked to the signer. Technical formats standardized by ETSI: XAdES, PAdES, CAdES.
- Qualified electronic signature (QES): the highest level, legally equivalent to a handwritten signature throughout the EU. Requires a qualified certificate issued by a trusted CA listed on the Trusted List and a QSCD. This is the full deployment of qualified PKI.
For companies wishing to deploy qualified signature on a large scale, our guide on electronic signature in the enterprise details the steps for operational implementation.
Qualified Timestamping: The Temporal Dimension of PKI
PKI is not limited to identity: it also guarantees the temporal dimension of acts through qualified timestamping (RFC 3161). A trusted timestamping service (TSA) issues a cryptographic token certifying that a document existed in its current form at a specific instant. This is crucial for long-term preservation of evidence and compliance with legal obligations regarding document retention (art. L.110-4 French Commercial Code: 5 years for commercial acts; art. 2224 French Civil Code: 5 years for general contractual obligations).
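As an added illustration of the four signature steps and of the timestamp token (not code from the article, and a simplified model rather than the ASN.1/CMS structures of RFC 3161 or the AdES formats), the Go program below hashes a constructed document, signs the hash, asks a constructed TSA key to attest the time at which the signature existed, and verifies the whole packet. The signer's X.509 certificate, which the real flow would carry and validate against the Trusted List, is replaced here by the signer's bare public key; the document text and all keys are constructed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// TimestampToken is a simplified model of an RFC 3161 token: the TSA signs the
// imprint (hash) of what was presented to it together with the time it saw it.
type TimestampToken struct {
	Imprint [32]byte // SHA-256 of the signature being timestamped
	Time    time.Time
	TSASig  []byte
}

// Packet is the "signature packet" of the text: document hash, signature over it,
// the signer's public key (stand-in for the X.509 certificate) and the TSA token.
type Packet struct {
	DocHash   [32]byte
	Signature []byte
	SignerPub *ecdsa.PublicKey
	Token     TimestampToken
}

// tokenTBS is the byte string the TSA actually signs: SHA-256(imprint || unix time).
func tokenTBS(imprint [32]byte, t time.Time) []byte {
	var ts [8]byte
	binary.BigEndian.PutUint64(ts[:], uint64(t.Unix()))
	h := sha256.Sum256(append(imprint[:], ts[:]...))
	return h[:]
}

// Timestamp is the TSA's act: attest that sig existed at time t.
func Timestamp(tsaKey *ecdsa.PrivateKey, sig []byte, t time.Time) (TimestampToken, error) {
	imprint := sha256.Sum256(sig)
	tsaSig, err := ecdsa.SignASN1(rand.Reader, tsaKey, tokenTBS(imprint, t))
	return TimestampToken{Imprint: imprint, Time: t.UTC(), TSASig: tsaSig}, err
}

// SignDocument performs steps 1 to 3: hash the document, sign the hash with the
// signer's private key, then assemble the packet with a token from the TSA.
func SignDocument(signer, tsaKey *ecdsa.PrivateKey, doc []byte, at time.Time) (*Packet, error) {
	h := sha256.Sum256(doc)
	sig, err := ecdsa.SignASN1(rand.Reader, signer, h[:])
	if err != nil {
		return nil, err
	}
	tok, err := Timestamp(tsaKey, sig, at)
	if err != nil {
		return nil, err
	}
	return &Packet{DocHash: h, Signature: sig, SignerPub: &signer.PublicKey, Token: tok}, nil
}

// VerifyPacket performs step 4 and then the timestamp check: recompute the hash,
// check the signature under the signer's public key, confirm the token covers
// exactly this signature and is signed by the trusted TSA key.
func VerifyPacket(p *Packet, doc []byte, tsaPub *ecdsa.PublicKey) error {
	h := sha256.Sum256(doc)
	if h != p.DocHash {
		return errors.New("document altered after signing: hash mismatch")
	}
	if !ecdsa.VerifyASN1(p.SignerPub, h[:], p.Signature) {
		return errors.New("signature does not verify under the signer's public key")
	}
	if sha256.Sum256(p.Signature) != p.Token.Imprint {
		return errors.New("timestamp token does not cover this signature")
	}
	if !ecdsa.VerifyASN1(tsaPub, tokenTBS(p.Token.Imprint, p.Token.Time), p.Token.TSASig) {
		return errors.New("timestamp token not signed by the trusted TSA")
	}
	return nil
}

func main() {
	signer, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tsa, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	doc := []byte("Framework supply contract v3") // constructed sample document
	p, _ := SignDocument(signer, tsa, doc, time.Now())
	fmt.Println("valid packet:", VerifyPacket(p, doc, &tsa.PublicKey))
	fmt.Println("altered document:", VerifyPacket(p, []byte("Framework supply contract v4"), &tsa.PublicKey))
	p.Token.Time = p.Token.Time.Add(-365 * 24 * time.Hour) // a changed time no longer matches the TSA signature
	fmt.Println("altered token time:", VerifyPacket(p, doc, &tsa.PublicKey))
}
```

A verifier treats the TSA key the way it treats a CA key: it must belong to a trusted timestamping service, otherwise the token proves nothing. The last two calls in main show the two failures a relying party most needs to detect: a document changed after signing, and a token whose recorded time no longer matches what the TSA signed.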
---
PKI and Long-Term Trust: The Challenge of Evidence Preservation
A signature valid today may become unverifiable in 10 years if the cryptographic algorithms used have become obsolete or if certificates have expired. PKI addresses this challenge through long-term evidence signature formats.
Long-Life AdES Formats
ETSI has defined extended signature profiles — XAdES-LTA, PAdES-LTA, CAdES-LTA — which encapsulate within the signed file all the evidence necessary for future verification: complete certificate chains, archived OCSP responses, multiple timestamps. These formats comply with the ETSI EN 319 132 standard (XAdES) and ETSI EN 319 122 (CAdES).
Cryptographic Migration in the Face of Quantum Computing
The emergence of quantum computing represents a medium-term threat to current RSA and ECDSA algorithms. The US NIST finalized its first post-quantum cryptography standards in 2024 (CRYSTALS-Dilithium for signatures). ANSSI and ENISA are working on migration roadmaps that should materialize in revisions of the eIDAS standard by 2028-2030. Companies relying on a well-managed PKI will be better positioned for this transition, since updating certification authorities is easier than overhauling ad hoc cryptographic systems.
For those evaluating their current solution, Certyneo's electronic signature ROI calculator allows you to quantify the benefits of an industrialized PKI infrastructure.
Legal Framework Applicable to PKI and Electronic Signature
The public key infrastructure is not just a technical device: it fits into a dense European and national legal framework, the mastery of which is essential for any organization wishing to rely on electronic signature in its legal acts.
The eIDAS Regulation No. 910/2014 and Its Evolution
Adopted on July 23, 2014, and applicable since July 1, 2016, Regulation (EU) No. 910/2014 (eIDAS) is the founding text of digital trust in Europe. It defines the requirements applicable to qualified trust service providers (QTSP), qualified certificates and QSCD devices. Its Article 26 sets the conditions for advanced signatures; its Article 28 defines qualified certificates for electronic signature; its Annex I details the requirements for these certificates — directly derived from X.509 format.
eIDAS 2.0 (EU Regulation No. 1183/2024, published in OJEU on April 30, 2024) strengthens this framework by notably requiring Member States to recognize the European Digital Identity Wallet (EUDIW) and extending recognition obligations to private service providers in determined sectors.
French Civil Code: Evidential Value of Electronic Signature
In French law, Articles 1366 and 1367 of the Civil Code (resulting from Ordinance No. 2016-131 of February 10, 2016) grant electronic signature the same value as handwritten signature, provided it meets the requirements for identification of the signer and integrity of the document. The presumption of reliability applies when the signature is created according to a qualified procedure within the meaning of eIDAS — that is, based on a qualified PKI.
Article 1368 provides that the procedures for establishing this reliability are set by decree by the Council of State, namely Decree No. 2017-1416 of September 28, 2017 relating to electronic signature.
ETSI Standards Applicable to PKI
- ETSI EN 319 401: General requirements for trust service providers.
- ETSI EN 319 411-1 and -2: Requirements for CAs issuing qualified certificates.
- ETSI EN 319 132: XAdES specifications for advanced XML signatures.
- ETSI EN 319 122: CAdES specifications.
- ETSI EN 319 162: Preservation and timestamping services.
GDPR and Personal Data in PKI
X.509 certificates contain personal data (name, surname, e-mail, sometimes national registry number). Their processing is subject to Regulation (EU) No. 2016/679 (GDPR). CAs must notably define a retention period in compliance, inform certificate holders and guarantee the exercise of their rights. Revocation of a certificate at the holder's request is a practical way to exercise the right to erasure (within the limits of the obligation to preserve evidence).
Liability and Legal Risks
A poorly managed PKI exposes the company to serious risks: contestation of the evidential value of signatures made with expired or revoked certificates, inability to verify a signature in the long term in the absence of LTA formats, and potential civil liability if private keys are compromised. Article 13 of eIDAS provides that, in case of a breach of its obligations, a QTSP's liability is presumed unless it proves otherwise.
Usage Scenarios: PKI in Action in Enterprises
Scenario 1 — A Corporate Law Firm of 25 Employees
A firm specializing in mergers and acquisitions manages on average 150 structured transactions per year, each requiring the signature of several dozen documents (protocols, shareholder agreements, asset and liability warranties). Previously, the delays in collecting physical signatures extended closings by 5 to 8 business days on average.
By deploying a qualified signature solution backed by a qualified PKI, the firm assigns each authorized partner and employee an X.509 qualified certificate on QSCD. Each signature is automatically verified (OCSP), timestamped and archived in PAdES-LTA format. Result: the closing time falls to less than 24 hours for the signature phase, and maximum evidential value is ensured without additional steps. Law firms of this size report on average a 70% reduction in administrative time related to signatures, according to sector benchmarks (National Federation of Business Lawyers, 2025).
Scenario 2 — A Small Industrial Company Managing 300 Supplier Contracts Per Year
A mid-sized manufacturing company (approximately 250 employees) concludes framework contracts, amendments and purchase orders with about a hundred European suppliers. Geographic dispersion and language barriers made document management particularly heavy.
By integrating an advanced electronic signature workflow (AdES) via an API connected to its ERP, the PKI automatically manages verification of supplier signatories' certificates (via the eIDAS Trusted Lists of each Member State), timestamping and the constitution of evidence files. The legal department sees a 60% reduction in follow-ups for signature collection and a decrease in contract disputes related to disagreements over the signed version of the document. The cost per signature falls from €12 (printing, sending, physical archiving) to less than €1.50 in digital flow, in line with ranges published by Markess by Exaegis in its 2025 overview of document management.
Scenario 3 — A Public Hospital Group of Approximately 1,200 Beds
In the healthcare sector, administrative acts and public contracts must comply with the requirements of the Public Procurement Code and ANSSI recommendations for the security of sensitive IS. A hospital group managing several facilities must sign hundreds of contracts, amendments and employment contracts each year.
The adoption of an internal PKI (CA dedicated to agents, certificates on CPS cards for medical staff) coupled with a SaaS signature solution for administrative acts makes it possible to meet the requirements of the NIS2 directive (transposed into French law by Law No. 2024-449 of May 21, 2024) imposing cybersecurity risk management measures. Complete traceability of signatures, real-time verification of certificates and LTA preservation of signed documents reduce the risk of challenging administrative acts and facilitate audits by the Regional Court of Auditors. Facilities in the sector generally observe a 40 to 50% reduction in the volume of paper processed for HR alone, according to data from ANAP (National Performance Support Agency, 2024 report).
Conclusion
PKI — Public Key Infrastructure — is far more than a technical device: it is the cryptographic and legal guarantor of trust in your digital exchanges. Its components (CA, X.509 certificates, OCSP, qualified timestamping) form a coherent ecosystem that ensures the authenticity, integrity and non-repudiation of your electronic signatures, in full compliance with the eIDAS regulation and the French Civil Code. Whether you are an SME, a law firm or a public institution, understanding the fundamentals of PKI allows you to choose the signature solution suited to your actual needs — and to defend its evidential value in case of dispute.
Certyneo relies on a qualified eIDAS-compliant PKI to deliver advanced and qualified electronic signatures to businesses. Create your free account or discover our pricing to start your document transformation today.