An Algebra for Assessing Trust in Certification Chains. Paper
Abstract
Open networks allow users to communicate without any prior arrangements such as contractual agreement or organisation membership. However, the very nature of open networks makes authenticity difficult to verify. We show that authentication cannot be based on public key certificates alone, but also needs to include the binding between the key used for certification and its owner, as well as the trust relationships between users. We develop a simple algebra around these elements and describe how it can be used to compute measures of authenticity.

1 Introduction

For the distribution of public keys in open networks it is not conceivable to have a single global authority that is trusted for key generation and distribution because there will always be different administrative domains which typically will have conflicting economic and political interests. In this situation, each agent has to decide for herself which other agents she wants to trust for key distribution, and based on this...