11.3 Public-key management models
In this section we consider different public-key management models. We begin
by discussing the issue of trusting CAs, particularly techniques for joining CA
domains. We then examine the relationship between a relying party and a CA,
and use this to define several different management models.
11.3.1 Choosing a CA
In a closed environment, the choice of who will play the role of a CA may be
straightforward, since central administrative functions within an organisation are
well placed to serve such a role. Choosing an organisation to play the role of a CA
in an open environment is less straightforward. Currently, most CAs serving open
environments are commercial organisations who have made it their business to
be 'trusted' to play the role of a CA.
While CAs serving open environments can be regulated to an extent by commercial
pressure (if they fail to offer attractive services or experience reputational
damage then they are likely to suffer financially), the importance of their role may
demand tighter regulation of their practices. Options for this include:
Licensing. This approach requires CAs to obtain a government license before
they can operate. Government, thus, ultimately provides the assurance that a
CA conforms to minimum standards.
Self-regulation. This approach requires CAs to form an industry group and set
their own minimum operational standards through the establishment of best
practices.
In the UK, licensing was considered in the 1990s but was met with considerable
objections from industry. Currently the self-regulation approach is being adopted.
11.3.2 Public-key certificate management models
The owner of a public-key certificate has, by necessity, placed some trust in the
CA who issued the certificate. This may be because the owner belongs to the same
organisation as the CA (typically in closed environments) or because the owner
and the CA have a direct business relationship (typically in open environments).
However, the same cannot necessarily be said for a relying party. Indeed, the
relationship between a relying party and the public-key certificate owner's CA
defines a number of distinct public-key certificate management models, which we
now review.
CA-FREE CERTIFICATION MODEL
The CA-free certification model is depicted in Figure 11.1 and applies when there is
no CA involved. In the CA-free certification model, the owner generates a key pair