34

From HORSE - Holistic Operational Readiness Security Evaluation.
Jump to navigation Jump to search

Footnote 34

A number of models exist which implement different strategies for the certification of the public keys of certification authorities who issue certificates (sometimes referred to generically as "issuing authorities"). Some examples include (i) a multi-level hierarchical structure back to a single "root," where public keys of issuing authorities are certified by the next higher-level certification authority; (ii) a flatter hierarchical structure where a single "root" might directly certify the public keys of all issuing authorities below it; (iii) a single level of issuing authorities which "cross-certify" each others' public keys; or (iv) a "system in which each issuing authority's public key is certified in some reliable manner without reference to a second certification authority. In a hierarchical system, the public key of the "root" certification authority is, by definition, self-authenticating.