The main component of a PKI is a certificateauthority, which issues the certificate, keeps a repository of valid certificates and manages a protocol for registering, revoking or verifying them.
But herein lies the heart of the problem, because the entire web security architecture rests upon the integrity of the embedded SSL certificateauthority (CA) system.