Root of Trust
The root of trust model defines how users and different CAs can trust one another.
- Each CA issues itself a certificate
- called a root certificate
- is self-signed
- uses an RSA key size of 2,048 or 4,096 bits or the ECC equivalent
- serves as the trust anchor
- can be used to sign other certificates issued by the CA
- Installing the CA’s root certificate means that hosts will automatically trust any certificates signed by that CA
- called a root certificate
Single CA
- single root CA issues certificates directly to users and computers
- often used on private networks
- problem with this approach
- the single CA server is very exposed
- If compromised the whole PKI collapses
Third-party CAs
- most third-party CAs operate a hierarchical model
- root CA issues certificates to one or more intermediate CAs
- intermediate CAs issue certificates to subjects (leaf or end entities)
- advantage:
- different intermediate CAs can be set up with certificate policies
- enables users to perceive clearly what a particular certificate is designed for
- Each leaf certificate can be traced to the root CA along the certification path
- referred to as certificate chaining or a chain of trust
- different intermediate CAs can be set up with certificate policies
Self-signed Certificates
- PKI can be difficult or expensive to manage
- Any machine, web server, or program code can be deployed with a self-signed certificate
- has been signed by the entity that issued it, rather than by a CA
- e.g., web administrative interfaces of consumer routers are often only protected by a self-signed certificate
- useful in development and test environments
- OS or browser will mark self-signed certificates as untrusted
- user can choose to override this
- very difficult to validate
- should not be used to protect critical hosts and applications