(2) Partial trust, meaning that Alice does not completely trust Bob, so
certificates signed by Bob must also be signed by other users (whom
she does trust) before she accepts them.
(3) No trust, meaning that Alice does not trust Bob and will not trust
any certificate signed by Bob.
(4) In some implementations, there is a fourth level of uncertain, but this
essentially amounts to no trust.
In this way she builds a web of trust with other users, but this model is not
acceptable for applications such as e-commerce, where a relying party needs
a trust decision it can justify to a third party rather than a personal
judgement about individual signers. A more generally secure trust model is
described in what follows, where we will need the term security domain,
which means a system governed by a trusted authority.
2. In the PKI trust model called cross-certification, the CAs (in their respective
security domains) are required to form a trust path between themselves.
There are various processes within the framework of this trust model.
(1) The process called mutual cross-certification involves CA1 signing
the certificate of CA2, and CA2 signing the certificate of CA1. Note that
these are two separate certificates: each CA can revoke the one it issued
without affecting the one it received.
(2) If the domains are different, called interdomain cross-certification,
then relying parties (those entities who verify the authenticity of an
end user's certificate) are able to trust end users in the other domain.
This trust model is clearly suited to e-commerce, such as that engaged
in by two distinct business organizations.
(3) If two CAs are part of the same domain, called intradomain cross-certification,
then this model can be varied to accommodate a hierarchy of CAs where CA1
can sign the certificate of CA2, which is at a lower level, without having
CA2 sign CA1's certificate. This is called unilateral cross-certification.
An advantage of unilateral cross-certification is that relying parties need
only trust the top-level root CA, while having their own certificates
issued by the authority closest to them; trust flows down the hierarchy
only, so a party anchored at a subordinate CA cannot reach certificates
above it.
Clearly, the trust model is an indispensable part of any PKI. We have
described only two of many such models, which is sufficient for our purposes. The
reader interested in seeing more of them in greater detail may consult [4],
which is devoted entirely to the topic of PKI.
In the following we will need the term certificate-revocation list (CRL),
which is a data structure, signed by the issuing CA, embodying a timestamped
inventory of the serial numbers of certificates that CA has revoked. A
relying party that builds a trust path must check each certificate on the
path against its issuer's CRL, since a revoked certificate anywhere on the
path breaks the chain.
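The following is an added example, not code from the book, that models both trust models above in plain Python: Alice's web-of-trust decision with the complete/partial/no-trust levels, and certification-path building across the cross-certified domains (mutual, interdomain, and unilateral intradomain), with CRL checks on every link. Everything in it is constructed for illustration: the user and CA names, the serial numbers, the threshold that two partially trusted signers suffice (PGP's default, not stated in the text), and the representation of a signature as the mere existence of a Certificate(subject, issuer) record. A real relying party would verify each signature with the issuer's public key before using the link.

```python
"""Added example: the two PKI trust models, modelled in plain Python.

Assumption (not from the text): a signature is represented structurally.
Certificate(subject, issuer, serial) stands for "issuer signed a certificate
for subject"; a real relying party verifies the signature bytes with the
issuer's public key before using the link.
"""
from collections import deque
from dataclasses import dataclass

COMPLETE, PARTIAL, NONE = "complete", "partial", "none"


# ---- Web of trust: Alice's per-user trust levels -----------------------

def web_of_trust_accepts(trust, signers):
    """Alice's rule for accepting a key that carries signatures from `signers`.

    `trust` maps user -> COMPLETE / PARTIAL / NONE; a user missing from the
    map is "uncertain" and treated as NONE. One completely trusted signer
    suffices. A partially trusted signer only counts when backed by another
    signer Alice trusts; requiring two partially trusted signers is an
    assumption (PGP's default), not a rule taken from the text.
    """
    levels = [trust.get(s, NONE) for s in signers]
    if COMPLETE in levels:
        return True
    return levels.count(PARTIAL) >= 2


# ---- Cross-certification: path building between security domains --------

@dataclass(frozen=True)
class Certificate:
    subject: str
    issuer: str
    serial: int   # unique per issuer; CRLs list serials, not names


def build_path(certs, crls, end_entity, trust_anchor):
    """Breadth-first search from the end entity up to the relying party's
    trust anchor, following issuer links (including cross-certificates).

    `crls` maps issuer -> set of serial numbers that issuer has revoked.
    Returns the certificates from the end entity's own certificate up to the
    one issued by the trust anchor, or None if no unrevoked path exists.
    """
    by_subject = {}
    for c in certs:
        by_subject.setdefault(c.subject, []).append(c)
    queue = deque([(end_entity, [])])
    seen = {end_entity}
    while queue:
        subject, path = queue.popleft()
        for cert in by_subject.get(subject, []):
            if cert.serial in crls.get(cert.issuer, set()):
                continue                      # revoked link: unusable
            candidate = path + [cert]
            if cert.issuer == trust_anchor:
                return candidate
            if cert.issuer not in seen:       # mutual cross-certs form cycles
                seen.add(cert.issuer)
                queue.append((cert.issuer, candidate))
    return None


# Constructed sample: two security domains with roots CA1 and CA2.
CERTS = [
    Certificate("CA1", "CA1", 1),      # self-signed root, domain 1
    Certificate("CA2", "CA2", 1),      # self-signed root, domain 2
    Certificate("CA2", "CA1", 2),      # mutual, interdomain cross-certification:
    Certificate("CA1", "CA2", 2),      #   CA1 signs CA2's cert and vice versa
    Certificate("SubCA2", "CA2", 3),   # unilateral, intradomain: CA2 signs SubCA2 only
    Certificate("alice", "CA1", 10),
    Certificate("bob", "CA2", 20),
    Certificate("carol", "SubCA2", 30),
]


def demo():
    """Path lengths for a few relying-party checks (None = no trust path)."""
    no_crl = {}
    ca1_revokes_cross = {"CA1": {2}}   # CA1 withdraws the certificate it issued to CA2
    return {
        # a domain-1 relying party (anchor CA1) reaches users in domain 2
        "bob_from_CA1": len(build_path(CERTS, no_crl, "bob", "CA1")),
        "carol_from_CA1": len(build_path(CERTS, no_crl, "carol", "CA1")),
        # after revocation the CA1 -> CA2 direction is gone ...
        "bob_from_CA1_revoked": build_path(CERTS, ca1_revokes_cross, "bob", "CA1"),
        # ... but CA2's certificate for CA1 is a separate object and still works
        "alice_from_CA2_revoked": len(build_path(CERTS, ca1_revokes_cross, "alice", "CA2")),
        # unilateral: a party anchored at SubCA2 cannot climb to CA2 or CA1
        "bob_from_SubCA2": build_path(CERTS, no_crl, "bob", "SubCA2"),
    }


if __name__ == "__main__":
    print(web_of_trust_accepts({"bob": PARTIAL, "carol": PARTIAL}, ["bob"]))
    print(web_of_trust_accepts({"bob": PARTIAL, "carol": PARTIAL}, ["bob", "carol"]))
    print(demo())
```

Running it shows the two points the text makes: a relying party anchored only at its own root CA1 can still validate carol, three links away in the other domain via the cross-certificate and the unilateral SubCA2 certificate, and the moment CA1 places serial 2 on its CRL that route disappears while CA2's independently issued certificate for CA1 continues to serve relying parties in domain 2.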
Certificate Storage
Once generated, a certificate must be stored for use at a later time. For
this, CAs require what is called a public certificate directory, which is a public
database or server, managed by the CA and open to read access by end users, to
which the CA supplies certificates. This directory is a central storage location
that provides an individual, public, central location for the administration and