Introduction 

The introduction of ePassports creates opportunities for States to enhance global civil aviation security while at the same time improving the efficiency of aviation operations. The ePassport can contribute to this because verification of the public key infrastructure certificates associated with ePassports can provide border control authorities with an assurance that documents are genuine and unaltered, which in turn allows the biometric information contained in ePassports to be relied on to automate aspects of the border clearance process. 

ePassport PKI Validation 

The implementation of a global system for ePassport validation achieved via the exchange of Public Key Infrastructure (PKI) certificates is essential for the interoperability benefits of ePassports to be realised.

 

PKI validation does not require or involve any exchange of the personal data of passport holders, and the validation transactions help combat identity fraud.

 

The business case for validating ePassports is compelling. Border control authorities can confirm that: 

  1. The document held by the traveller was issued by a bonafide authority.
  2. The biographical and biometric information endorsed in the document at issuance has not subsequently been altered.
  3. Provided active authentication and / or chip authentication is supported by the ePassport, the electronic information in the document is not a copy (ie clone).
  4. If the document has been reported lost or has been cancelled, the validation check can help confirm whether the document remains in the hands of the person to whom it was issued.

As a result passport issuing authorities can better engage border control authorities in participating countries in identifying and removing from circulation bogus documents.

 

ePassport validation is therefore an essential element to capitalise on the investment made by States in developing ePassports to contribute to improved border security and safer air travel globally.  Because the benefits of ePassport validation are collective, cumulative and universal, the broadest possible implementation of ePassport validation is desirable. 

The Role of the ICAO PKD 

The exchange of PKI certificates and certificate revocation lists must be reliable and timely.  This exchange cannot be achieved by other than electronic means.

 

The system of ePassport validation must operate on an open ended, indefinite basis.

 

The ICAO PKD has been established to support the global interoperability of ePassport validation to act as a central broker to manage the exchange of certificates and certificate revocation lists.  This central role is critical to minimise the volume of certificates being exchanged, to ensure timely uploads and to manage adherence to technical standards to ensure interoperability is achieved and maintained.

 

ICAO PKD – Governance Arrangements 
The ICAO PKD was created at the request of ICAO Contracting States by ICAO Council and operates under the authority of the “Memorandum of Understanding (MoU) Regarding Participation and Cost Sharing in the Electronic Machine Readable Travel Documents ICAO Public Key Directory”.

 

The PKD Board is the standing body responsible for the ICAO PKD, and the appointment of the PKD Board Members by the ICAO Council, in consistence with the provisions of the MoU. The PKD Board determines a range of operational procedures including: 

The ICAO PKD Board procedural documents and MoU are available for download at PKD Documents.

Transitional fee arrangements applied in 2007 and 2008. Details of the application of these arrangements are provided to new PKD Participants after payment of their Registration Fee.  Details of the current fees that apply to new PKD Participants are available at: PKD Fee Schedule
 
  
The names and contact details of PKD Participants​​​​ are included for download.  

ICAO PKD – Technical Architecture 

Technical documents relating to the operation of the ICAO PKD include the Regulations for the ICAO Public Key Directory  and the Procedures for the ICAO Public Key Directory. These documents are available for download at PKD Documents. 

 

A further technical document, the PKD Interface Specifications is provided to prospective PKD Participants after lodgement of their Notice of Participation in the ICAO PKD with the ICAO Secretariat and payment of the Registration Fee.
 
The management of these various technical documents, including considering and approving amendments to them, is part of the business of the PKD Board. 
 
Amendments to the PKD technical documents must be consistent with Document 9303.  Where required the PKD Board seeks NTWG and TAG-MRTD approval of amendments to Document 9303.
 
ICAO PKD – Current Operational Status
The ICAO PKD commenced operations in March 2007.
 
The geographical distribution of the current PKD Participants are shown on the following map.
 
The PKD Board’s​ annual report​ to PKD Participants reviewing operational issues in the ICAO PKD is available for download at PKD Documents.
 
Complaints and Feedback 
PKD Participants, PKD users and ICAO Contracting States are invited to provide feedback or lodge complaints regarding the operation of the ICAO PKD or information provided regarding the ICAO PKD (including the content of this website).
 
All complaints should be lodged using the feedback form available at:
ICAO PKD complaints and feedback
 
Details of the ICAO PKD Board’s process for managing complaints are set out in the document “PKD Board Procedure for Handling Operational Complaints” which is available for download at: 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

​​​​​