to the validation authority. The validation authority can then do this through its
relationship with the owner's CA.
The connected certification model is a pragmatic 'stretching' of the closed certification model, in order to allow public-key certificates to be managed in environments that are either:
- open, in the sense that owners and relying parties are not governed by any single management entity;
- distributed, in the case of a closed environment that is distributed, for example, a large organisation with different branches or regional offices.
11.3.3 Joining CA domains
The connected certification model is of particular interest since it allows public-key certificates to be used in environments where the owner and relying party do not have trust relationships with the same CA. We will now assume that both the owner Alice and relying party Bob have relationships with their own CAs, which we label CA1 and CA2, respectively (hence for simplicity we now assume that the validation authority in Figure 11.4 is a CA). We now consider the nature of the relationship between CA1 and CA2. In particular, we will look at techniques for 'joining' their respective CA domains and allowing certificates issued by CA1 to be 'trusted' by relying parties who have trust relationships with CA2.
CROSS-CERTIFICATION
The first technique for joining two CA domains is to use cross-certification, whereby each CA certifies the other CA's public key. This idea is depicted in Figure 11.5. Cross-certification implements a transitive trust relationship. By cross-certifying, relying party Bob of CA2, who wishes to trust a public-key certificate issued to Alice by CA1, can do so by means of the following argument:
1. I (Bob) trust CA2 (because I have a business relationship with CA2);
2. CA2 trusts CA1 (because they have agreed to cross-certify one another);
[Figure 11.5. Cross-certification: CA1 and CA2 certify each other's public keys; clients of CA1 and clients of CA2 sit under their respective CAs.]
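The following Python model, added here and not part of the book, makes Bob's argument concrete: Bob holds only CA2's public key as his trust anchor, and a certification path to Alice's certificate exists only if CA2 has issued a cross-certificate for CA1's key. The signatures are textbook RSA with small constructed keys (a stand-in for a real certificate format and signature scheme); the names Alice, CA1 and CA2 are the book's, everything else is constructed for the example.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    pubkey: tuple   # subject's (n, e); toy textbook RSA, constructed for this example
    sig: int        # issuer's signature over the to-be-signed fields

def _digest(subject, issuer, pubkey, n):
    """Hash of the to-be-signed fields, reduced into the issuer's modulus."""
    tbs = f"{subject}|{issuer}|{pubkey[0]},{pubkey[1]}".encode()
    return int.from_bytes(hashlib.sha256(tbs).digest(), "big") % n

def issue(issuer, issuer_priv, subject, subject_pub):
    """The issuer CA signs a certificate binding subject to subject_pub."""
    n, d = issuer_priv
    return Cert(subject, issuer, subject_pub, pow(_digest(subject, issuer, subject_pub, n), d, n))

def verify(cert, issuer_pub):
    """Check cert's signature with the issuer's public key (textbook RSA)."""
    n, e = issuer_pub
    return pow(cert.sig, e, n) == _digest(cert.subject, cert.issuer, cert.pubkey, n)

def build_path(target, store, anchor_name, anchor_pub, max_len=4):
    """Return [target, ..., cert issued by the anchor] or None if no valid path exists.
    Each hop verifies the lower certificate with the key in the certificate above it;
    the visited check stops the CA1<->CA2 cross-certificate cycle."""
    def walk(cert, path):
        if len(path) > max_len:
            return None
        if cert.issuer == anchor_name:
            return path if verify(cert, anchor_pub) else None
        for cand in store:
            if cand.subject == cert.issuer and cand not in path and verify(cert, cand.pubkey):
                found = walk(cand, path + [cand])
                if found:
                    return found
        return None
    return walk(target, [target])

# Constructed toy keys: (n, e) public, (n, d) private.
CA1_PUB, CA1_PRIV = (3233, 17), (3233, 2753)
CA2_PUB, CA2_PRIV = (3337, 79), (3337, 1019)
ALICE_PUB = (143, 7)

alice_cert = issue("CA1", CA1_PRIV, "Alice", ALICE_PUB)   # Alice's certificate from CA1
ca1_by_ca2 = issue("CA2", CA2_PRIV, "CA1", CA1_PUB)        # cross-certificate: CA2 certifies CA1
ca2_by_ca1 = issue("CA1", CA1_PRIV, "CA2", CA2_PUB)        # cross-certificate: CA1 certifies CA2
STORE = [alice_cert, ca1_by_ca2, ca2_by_ca1]

def bob_validates_alice(store=STORE):
    """Bob (trust anchor CA2) tries to build a path to Alice's certificate."""
    return build_path(alice_cert, store, "CA2", CA2_PUB)
```

Removing ca1_by_ca2 from the store leaves Bob with no path, which is the point of the argument: Bob's trust in CA1 is exactly as strong as CA2's cross-certificate for it.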