IACR News item: 16 December 2013
Johannes Braun, Florian Volk, Johannes Buchmann, Max Mühlhäuser
ePrint Report
The steadily growing number of certication authorities (CAs)
assigned to the Web Public Key Infrastructure (Web PKI) and trusted
by current browsers imposes severe security issues. Apart from being
impossible for relying entities to assess whom they actually trust, the
current binary trust model implemented with the Web PKI makes each
CA a single point of failure. In this paper, we present the concept of
trust views to manage variable trust levels for exactly those CAs actually
required by a relying entity. This reduces the set of trusted CAs
and minimizes the risk to rely on malicious certicates issued due to CA
failures or compromises.
Additional news items may be found on the IACR news page.