Paper 2013/841
Trust Views for the Web PKI
Johannes Braun, Florian Volk, Johannes Buchmann, and Max Mühlhäuser
Abstract
The steadily growing number of certification authorities (CAs) assigned to the Web Public Key Infrastructure (Web PKI) and trusted by current browsers imposes severe security issues. Apart from being impossible for relying entities to assess whom they actually trust, the current binary trust model implemented with the Web PKI makes each CA a single point of failure. In this paper, we present the concept of trust views to manage variable trust levels for exactly those CAs actually required by a relying entity. This reduces the set of trusted CAs and minimizes the risk to rely on malicious certificates issued due to CA failures or compromises.
Metadata
- Available format(s)
- Category
- Applications
- Publication info
- Preprint.
- Contact author(s)
- jbraun @ cdc informatik tu-darmstadt de
- History
- 2013-12-16: received
- Short URL
- https://ia.cr/2013/841
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2013/841, author = {Johannes Braun and Florian Volk and Johannes Buchmann and Max Mühlhäuser}, title = {Trust Views for the Web {PKI}}, howpublished = {Cryptology {ePrint} Archive, Paper 2013/841}, year = {2013}, url = {https://eprint.iacr.org/2013/841} }