| [ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
5.1 The X.509 trust model
The X.509 protocols rely on a hierarchical trust model. In this trust model Certification Authorities (CAs) are used to certify entities. Usually more than one certification authorities exist, and certification authorities may certify other authorities to issue certificates as well, following a hierarchical model.
Figure 5.1: The X.509 hierarchical trust model.
One needs to trust one or more CAs for his secure communications. In that case only the certificates issued by the trusted authorities are acceptable. The framework is illustrated on fig:x509. Detailed examples involving X.509 certificates are listed below.
| 5.1.1 X.509 certificates | ||
| 5.1.2 Verifying X.509 certificate paths | ||
| 5.1.3 PKCS #10 certificate requests | ||
| 5.1.4 PKCS #12 structures |