Sciweavers

Share
WETICE
1998
IEEE

The Problem with Multiple Roots in Web Browsers - Certificate Masquerading

10 years 5 months ago
The Problem with Multiple Roots in Web Browsers - Certificate Masquerading
Much work is going into securing the public key infrastructure (PKI). Various models for trust exist; Pretty Good Privacy (PGP) and the Progressive-Constraint Trust model are examples.[3] These models describe how to protect and ensure the interrelationships of their certificate based structures; however, vulnerabilities may arise when structures based on certificate authorities (CAs) are involved. The vulnerability is based upon multiple root certificate authorities. This paper examines the need for improved methods for verifying the binding of a certificate authority (root) to the source of a protocol's messages. The protection mechanisms developed for protecting and ensuring this binding within a CA hierarchy can break down in environments where multiple roots exist. This can lead to the possibility of a CA undermining the trust placed in a peer CA.
James M. Hayes
Added 05 Aug 2010
Updated 05 Aug 2010
Type Conference
Year 1998
Where WETICE
Authors James M. Hayes
Comments (0)
books