This paper will lay out the critical challenges of in-field Public Key Infrastructure (PKI), namely Integrity, Availability, and Confidentiality, and will assess multiple conceptual solutions against them. The history and mechanisms of Subscriber Conditional Access will be detailed to provide understanding of this technology. Mapping of PKI data into a Subscriber Conditional Access system will be provided, showing a solution which meets all challenges. Analysis of organizational hierarchies, dynamic control latency, and required data bandwidths will be provided. Finally, a reference architecture showing how to implement a Subscriber Conditional Access system for Dynamic In-field PKI Authentication will be provided.