Chapter 9. Trust Models

In this chapter, we discuss the concept of trust models in a PKI. It addresses questions such as the following:

  • How is it determined which certificates an entity can trust?

  • How can such trust be established?

  • Under what circumstances can this trust be limited or controlled in a given environment?

An understanding of the prevalent PKI trust models is important because the trust models that might be implicitly assumed by someone new to this topic (that is, a PKI that parallels an organizational chart or an existing authorization schema in a company) are rarely used in practice.

We will consider several trust models (strict hierarchy of CAs, loose hierarchy of CAs, policy-based hierarchies, distributed trust architecture, four-corner ...

Get Understanding PKI: Concepts, Standards, and Deployment Considerations, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.