PKI is used extensively in the U.S. federal government. However, it has not caught on in the business and commercial sectors. Why is this the case? In your opinion, what is the future of PKI? Do alternate methods such as those proposed by the FIDO Alliance (URL: https://fidoalliance.org) offer a viable alternative to PKI?
While Public Key Infrastructure is a critical tool for maintaining encryption, it isn’t seen as a viable option for businesses or the commercial sectors for multiple reasons. The primary reasons are cost and the difficulty of implementation. Despite the utility of encryption and PKI, companies perceive the overall cost, time, and implementation of new resources to not be worth the hassle, hence why PKI as a tool isn’t considered and other alternatives are.
However, there is potential for PKI to be utilized in business and public spaces through two means. Either strong encryption policies are forced into those spheres over time, and PKI is eventually acknowledged as the critical tool that it is, or PKI is made to be still a strong form of encryption but made more convenient for businesses to understand and utilize.
Due to these reasons, I believe that alternatives like FIDO Alliance are a good start for implementing encryption into businesses and public sectors by being cost-effective and having an emphasis on convenience. Moreover, over time, PKI can then be implemented more and more until it becomes a standard that isn’t seen as a potential financial risk as technology improves and people gain more understanding of cybersecurity.