[Figure 11.1. CA-free certification model (elements shown: Owner, Relying party, Digital signature)]
and then either self-certifies the public key or does not use a public-key certificate.
Any relying party obtains the (self-certified) public key directly from the owner.
For example, the owner could include their public key in an email signature or
write it on a business card. The relying party then has to make an independent
decision as to whether they trust the owner or not. The relying party thus carries
all the risk in this model. A variation of this idea is the web of trust model, which
we discuss in Section 11.4.1.
REPUTATION-BASED CERTIFICATION MODEL
The reputation-based certification model is depicted in Figure 11.2 and applies
when the owner has obtained a public-key certificate from a CA, but the relying
party has no relationship with this CA. Even if the relying party obtains the
verification key of the CA, which enables them to verify the public-key certificate,
because they do not have any relationship with the CA itself they do not by
default gain assurance of purpose from verification of the certificate. They are left
to choose whether to trust that the CA has done its job correctly and hence that
the information in the public-key certificate is correct. In the worst case, they may
not trust the CA at all, in which case they have no reason to trust any information
affirmed by the CA.
The only assurance that they might gain is through the reputation of the CA
that signed the public-key certificate. If the relying party has some trust in the
reputation of the CA, for example, it is a well-known organisation or trust service
provider, then the relying party might be willing to accept the information in the
public-key certificate.
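The two models above separate a cryptographic check (does the signature on the public key verify?) from a trust judgement (does the relying party trust whoever signed it?). The following added example, which is not part of the book and uses a constructed minimal certificate format rather than X.509, models that separation: `Evaluate` returns assurance only when the signature verifies and the relying party has independently decided to trust the issuer, which is the owner in the CA-free model and the CA (by reputation) in the reputation-based model. The names `alice` and `ExampleCA` are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Certificate is a minimal stand-in (constructed for this example) for a
// public-key certificate: the owner's public key signed by an issuer.
type Certificate struct {
	Owner, Issuer string
	OwnerKey      ed25519.PublicKey
	Signature     []byte
}

// tbs is the "to be signed" encoding of the certificate fields.
func tbs(c Certificate) []byte {
	return append([]byte(c.Owner+"|"+c.Issuer+"|"), c.OwnerKey...)
}

// Issue signs the owner's public key with the issuer's private key. When the
// issuer is the owner, the result is a self-certified key (CA-free model).
func Issue(owner string, ownerKey ed25519.PublicKey, issuer string, issuerPriv ed25519.PrivateKey) Certificate {
	c := Certificate{Owner: owner, Issuer: issuer, OwnerKey: ownerKey}
	c.Signature = ed25519.Sign(issuerPriv, tbs(c))
	return c
}

// Decision keeps the cryptographic check and the trust judgement apart.
type Decision struct {
	SignatureValid bool // verifies with the issuer's verification key
	Assured        bool // relying party gains assurance of purpose
}

// Evaluate models the relying party: the signature is checked with issuerPub,
// but assurance follows only if the relying party independently trusts the
// issuer (the owner in the CA-free model, the CA by reputation otherwise).
func Evaluate(c Certificate, issuerPub ed25519.PublicKey, trusted map[string]bool) Decision {
	valid := ed25519.Verify(issuerPub, tbs(c), c.Signature)
	return Decision{SignatureValid: valid, Assured: valid && trusted[c.Issuer]}
}

func main() {
	ownerPub, ownerPriv, _ := ed25519.GenerateKey(rand.Reader)
	caPub, caPriv, _ := ed25519.GenerateKey(rand.Reader)
	self := Issue("alice", ownerPub, "alice", ownerPriv)
	fromCA := Issue("alice", ownerPub, "ExampleCA", caPriv)
	fmt.Println("self-certified, owner untrusted:", Evaluate(self, ownerPub, nil))
	fmt.Println("unknown CA, signature verifies: ", Evaluate(fromCA, caPub, nil))
	fmt.Println("CA trusted by reputation:       ", Evaluate(fromCA, caPub, map[string]bool{"ExampleCA": true}))
}
```

A verifying signature from an unknown CA yields `SignatureValid: true, Assured: false`, which is exactly the worst case described above: the relying party has no reason to accept what the CA affirms until it decides to trust that CA.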