PKI & Ascertia: Building the Foundations of Digital Trust

From its cryptographic roots in the 1970s to today’s cloud-first, hyper-connected digital economy, Public Key Infrastructure (PKI) has quietly evolved into the invisible trust fabric of our lives. It secures identities, transactions, and communications in ways that most people never see, but rely on every single day.

Whether authenticating into online banking, verifying a digital document, securing a connected vehicle, or protecting payments across borders, PKI enables trust at scale. Its history is one of innovation, adaptation, and collaboration across governments, industries, and technology providers.

For more than two decades, Ascertia have been part of this journey, helping organisations adopt PKI technologies, comply with global standards, and scale trust into new digital use cases.

From concept to critical infrastructure (1970s–1980s)

PKI began as theory. The breakthrough discoveries of Diffie–Hellman (1976) and RSA (1977) proved that secure communication could happen over public networks. By the 1980s, PKI was already protecting sensitive government and defence communications, while standards bodies such as ITU‑T introduced X.500 directories and the X.509 certificate format, cornerstones that still underpin PKI today.

Key early use cases included:

• Securing classified defence and government communications.
• Protecting central bank clearing house systems.
• Authenticating satellite and aerospace communications.

Commercial breakthrough (1990s)

The arrival of the World Wide Web transformed PKI from an academic concept into a commercial necessity. Netscape’s introduction of SSL (1994) made server certificates essential for online security and new Certificate Authorities (CAs) like VeriSign (1995) began commercialising trust.

PKI spread rapidly into S/MIME email security, VPNs, payment systems, corporate intranets, and e‑commerce, while regulators recognised its legal value. Europe’s 1999 Electronic Signature Directive paved the way for legally binding digital signatures, a turning point in global digital trust.

1990s highlights:

• SSL/TLS secured pioneers like Amazon and eBay
• Interbank payment exchange networks and ATMs were protected with PKI
• B2B data exchanges adopted certificate-based authentication

PKI goes mainstream (2000s)

By the 2000s, PKI became embedded in mainstream IT. Regulatory mandates such as ESIGN (US), HIPAA, SOX, and Europe’s eSignatures Directive accelerated adoption. Governments began issuing national eIDs and smartcards, while major software vendors integrated PKI into everyday tools. Adobe added native PDF signing, Microsoft supported Office document signing, and secure hardware tokens became common in enterprises.

2000s adoption areas:

• VPNs for global workforces
• Secure Wi-Fi authentication (EAP-TLS)
• Industrial control system security
• Online banking and transaction signing

Ascertia’s contribution:

• Founded in 2001, introducing TrustFinder OCSP validation (a precursor to ADSS Server)
• Released PDF Sign&Seal and SignEzee tools
• Developed ADSS product suite (Signing, Verification, CA, TSA Servers)
• Launched SigningHub enabling full document preparation, signing, verification, and tracking workflows
• Actively participated in ETSI interoperability testing (PAdES/XAdES/CAdES)

Cloud, mobility & remote signing (2010s)

The 2010’s brought the cloud-first and mobile era. PKI adapted to new trust models:

• Let’s Encrypt democratised HTTPs
• Certificate Transparency improved CA accountability
• Cloud signing solutions such as DocuSign and Adobe EchoSign gained mainstream traction
• The Cloud Signature Consortium (CSC) standardised remote signing APIs
• Strong authentication mandates like PSD2 reshaped financial services

Simultaneously, PKI’s extended reach into IoT, healthcare, and connected vehicles, while WebAuthn/FIDO2 introduced phishing-resistant authentication for consumers.

Ascertia’s advancements:

• Designed remote signing architecture aligned to ETSI/CEN guidance
• Adopted CSC APIs early for interoperability
• Achieved full eIDAS compliance for Advanced and Qualified Signatures and eSeals
• Introduced the Qualified Remote Signing Architecture with QSCD/HSMs integration
• Enhanced SigningHub with CSC-compliant remote signing, stronger APIs, and Long-Term Validation (LTV)
• Built a professional services team to guide customers through complex trust deployments

PKI everywhere (2020s)

Today, PKI underpins nearly every digital transaction, from national eIDs and ePassports to Kubernetes mTLS, Zero Trust architectures, DevOps pipelines, and IoT ecosystems. It secures:

• Finance: SWIFT uses PKI to authenticate institutions and sign global payment instructions; BACS secures millions of daily UK payments.
• Smart infrastructure: PKI authenticates IoT devices in smart cities and connected vehicles.
• Aerospace and defence: Mission-critical systems rely on PKI for communications and supply chain integrity.
• Healthcare: Patient data, medical devices, and telehealth platforms are safeguarded through certificate-based trust.

Ascertia’s role in the 2020s:

• Delivered ICAO-compliant travel document support
• Launched the Common Criteria SAM Appliance (EN 419 241 compliance) and advanced policy, audit, and identity features
• Introduced Premier Success Services for expert-led enablement and faster ROI
• Achieved Common Criteria certification for Ascertia PKI (NIAP CA Protection Profile)
• Released Certificate Locator, a critical tool for certificate discovery, lifecycle management, and post-quantum readiness
• Became part of the Tinexta InfoCert family, expanding global reach

Looking ahead: Post-quantum PKI

The coming era of Post-Quantum Cryptography (PQC) will redefine digital trust. Organisations will need to know where cryptography is deployed and update it without disrupting operations.

PKI will adapt again, just as it has for five decades. Ascertia’s product suite, ADSS Server, SigningHub, Certificate Locator, and Premier Success Services, is already built with crypto-agility in mind, helping customers prepare for a smooth transition to PQC.

PKI’s history shows a consistent pattern: from government labs to consumer internet, from cloud signing to IoT ecosystems, it has always been the silent enabler of trust.

For over 20 years, Ascertia has helped shape that story, delivering technologies and expertise that make PKI secure, scalable, and ready for the future.

PKI isn’t just infrastructure; it’s the foundation of digital trust. And with PQC challenges on the horizon, Ascertia continues to ensure it evolves for the decades ahead.