Certifying Trust

13 years 8 months ago
Certifying Trust
A basic function of all signatures, digital or not, is to express trust and authority, explicit or implied. This is especially the case with digital signatures used in certificates. In this paper, we study the trust relationships expressed by the certificates used in X.509, PGP and SPKI. Especially, we present and revise the idea of a certificate loop, or a loop of certificates from the verifying party to the communicating peer, requesting access or acceptance. We also show how that kind of certificate loops can be used to explicitly express security policy decisions. In the end of the paper, we briefly describe our own SPKI implementation that is specially tailored towards policy management. The implementation is based on Java and build using Design Patterns. It functions as a separate process, providing security services to the local kernel and applications.
Ilari Lehti, Pekka Nikander
Added 06 Aug 2010
Updated 06 Aug 2010
Type Conference
Year 1998
Where PKC
Authors Ilari Lehti, Pekka Nikander
Comments (0)