November 1999
Intermediate to advanced
320 pages
8h 46m
English
Cross-certification is a useful mechanism for binding together previously unrelated CAs so that secure communications between their respective subject communities can be enabled. The actual mechanics of cross-certification (for example, the specific protocol messages exchanged) may be identical to certification (see Chapter 6, "Certificates and Certification," for a discussion of certification), except that both the subject and the issuer of the resulting cross-certificate are CAs (rather than the subject being an end-entity). When the distinction is important, the following terminology from RFC2510 can be used:
If the two CAs belong to the same domain (for example, within an organization's CA hierarchy, where a CA at ...