There are many ways to manage and validate the trust of our encryption keys. In this video, you’ll learn about using CAs, mesh relationships, web-of-trust, and mutual authentication.
<< Previous Video: Key EscrowNext: Main Menu >>
One of the most important aspects of your Public Key Infrastructure is that of trust. You have to be able to be assured that the certificates that you’re using are those that you can trust, and that the names associated with that are the names associated with people who might be receiving those and might be decrypting the information that you’re sending to them. Depending on the type of infrastructure you have and the way that you’ve built out your Public Key Infrastructure, there may be a number of different models that you use for trust. For instance, if you have a single certificate authority you might find that everyone is receiving all of their certificates from this one place, and you can trust now that that one certificate authority is managing that process for everyone.
If it’s a large organization though, you may find that it’s easier to have more than one certificate authority and you might be spreading the trust out a little bit. And then that environment is a hierarchical trust relationship where you might have a single root certificate authority. It might be issuing certificates to the intermediate certificate authorities, and then even underneath those you could have leaf certificate authorities, and finally your users and your resources.
So it depends on the size of your organization, and you may need that. There may be geographical requirements. There may be structural requirements within your organization that would require that level of control and the ability to spread the trust around from the very top root all the way down to the other certificate authorities. There’s also a type of trust called the mesh trust relationship, where every certificate authority trusts all of the other certificate authorities.
And that works extremely well if you have 2, or 3, or 4 CAs. But as you can see, once you start adding more, and more, and more, and you add one more in every single one of those certificate authorities, now all has to trust everyone else– when you start adding them– becomes a little bit more difficult. And at a certain point you simply can’t scale any larger. It’s just too complicated and too difficult to manage. If you’ve worked at all with PGP, or with OpenPGP, then you know the trust relationship there works a little bit different.
You don’t have a centralized certificate authority, what you have is everybody trusting everybody else. So it’s a friend of a friend of a friend, and everyone would sign everyone else’s certificates. Very often you have a certificate signing party– have all your friends in a room– everybody signs everybody certificates. And eventually those types of things now go out to other areas and you eventually can see people you’ve never met before, but you happen to know in between someone who is signed a certificate that’s common to both of you. And therefore there’s additional levels of trust that you have associated with that.
This trust relationship in OpenPGP, and PGP, is one that what we really build ourselves. It’s a person-to-person trust and it’s one that works a little bit better when you have something that’s completely uncontrolled and uncentralized like the PGP web-of-trust infrastructure. Another type of trust relationship would be a Mutual Authentication, where the server authenticates to the client and the client authenticates to the server, and both of those entities trust each other exactly the same amount.
Whether you’re using the single certificate authority, the web-of-trust, a mesh type of trust relationship– doesn’t matter– as long as you’re using the one that works for your environment. And that’s the key. As long as the trust is there, you can be assured that the certificates you are using are ones that you can rely on everyday.