Joining CA Domains

Let’s learn about the connected certification model.

We'll cover the following

Cross-certification
Certification hierarchies
Certificate chains
Joining CA domains in practice

The connected certification model is of particular interest because it allows public-key certificates to be used in environments where the owner and relying party do not have trust relationships with the same CA.

We will now assume both the owner Alice and relying party Bob have relationships with their own CAs, which we label CA1 and CA2, respectively (so, for simplicity, we now assume the validation authority in the illustration below is a CA).

We now consider the nature of the relationship between CA1 and CA2. In particular, we will look at techniques for ‘joining’ their respective CA domains and allowing certificates issued by CA1 to be ‘trusted’ by relying on parties who have trust relationships with CA2.

Get hands-on with 1200+ tech skills courses.

Introduction

Basic Principles

Historical Cryptosystems

Theoretical versus Practical Security

Symmetric Encryption

Public-Key Encryption

Data Integrity

Digital Signature Schemes

Entity Authentication

Cryptographic Protocols

Key Management

Public-Key Management

Cryptographic Applications

Cryptography for Personal Devices

Control of Cryptography

Mathematics Appendix

Closing Remarks

Joining CA Domains