PKI is used extensively in the U.S. federal government. However, it has not caught on in the business and commercial sectors.  Why is this the case?  In your opinion, what is the future of PKI?  Do alternate methods such as those proposed by the FIDO Alliance (URL: https://fidoalliance.orgLinks to an external site.) offer a viable alternative to PKI?

PKI or Public Key Infrastructure is one of the most common forms of encryption and manages public key encryptions. PKI is used in the government, but not in business sectors due to the requirements to manage the certificates. Without proper care, PKI becomes more of a vulnerability than a protection as with anything. Many companies do not know how to manage the certificates to ensure they are working and being used correctly. According to the article below and a survey done many companies do not provide the resources needed to maintain or do not have the money to dedicate. 

Due to the rapid pace of the evolution of technology, I believe public key encryptions will still be needed. However, I do believe FIDO biometric data will be added to the mix. While the two cannot be completely exclusive they can work together to provide better protection. PKI in the long run I believe will be easier for companies to handle than FIDO as verifying the credentials entails some of the same practices, but can get more intensive which can add additional cost. 

Resources:

Fruhlinger, J. (2020, May 29). What is PKI? and how it secures just about everything online. CSO Online. https://www.csoonline.com/article/567339/what-is-pki-and-how-it-secures-just-about-everything-online.html#:~:text=Most%20organizations%20lack%20resources%20to,assign%20clear%20ownership%20of%20it.

Queralt, M. (2018, October 11). The use of digital identities for strong authentication – PKI and Fido. Medium. https://medium.com/@michael.queralt/a-happy-path-to-the-use-of-digital-identities-for-authentication-derived-credentials-and-fido-32f2f8cd002