PKI Architectures

Issuance of a certificate to a subject for a specific purpose is essentially a statement by the issuer that it has verified the subject's identity claim according to its verification policies for that purpose. Someone relying on the certificate to prove the identity of its owner is essentially relying on the issuer's statement. Say that Charlie is a CA and everyone trusts Charlie to ascertain the identity of individuals and issue certificates. Now someone presents to Alice a certificate issued by Charlie in the name of Bob and is able to prove possession of the corresponding private key. After verifying that the certificate is neither expired nor listed in a CRL, Alice would trust that someone to be Bob.

This model of a single trusted CA issuing certificates and CRLs to everyone is quite simple, easy to understand and is quite appropriate for certain applications. For example, an employer could issue certificates to all its employees based on details stored in its employee database. But it doesn't scale well to support large and diverse communities.

A straightforward enhancement of the single trusted CA is a trust list: a user maintains a list of trusted CAs and trusts certificates issued by any CA on that list. There need not be trust relationships among the CAs in the list, and certification paths consist of only two certificates, one issued to the subject and the other self-signed by the CA, exactly as in the single trusted CA model. This model is certainly more scalable, as more CAs can be added to handle more certificates. However, maintaining large lists of trusted CAs can become problematic for users.

A number of more complex PKI architectures have been developed to address the scalability issue. A Hierarchical PKI consists of CA certificates forming a hierarchy with superior-subordinate relationships and a top-level CA possessing a self-signed certificate at the root. Contrast this with a Mesh PKI, where CAs maintain peer-to-peer relationships with each other, either by directly issuing certificates to one another or through one or more intermediate CAs. In either case, each user trusts exactly one CA.

Both of these architectures have their pluses and minuses. In fact, it is possible to mix and match and come up with hybrid architectures. Some of these have been given special names in the PKI literature: Extended Trust List PKI, Cross Certified PKI and Bridge CA PKI. Figure 4-4 depicts these different PKI architectures.

Figure 4-4. Different PKI Architectures.


The existence of these PKI architectures makes administration and validation of certificates a complex task. In fact, there has been little practical experience with these architectures, and most uses of PKI are limited to hierarchical PKI with a list of CAs as trust points.
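The path-discovery and validation steps described above, as an added example that is not part of the original text: a relying party holds a trust list, walks from an end-entity certificate up through CA certificates (hierarchical superior-subordinate links or mesh cross-certificates) until it reaches a trust point, and rejects any certificate that is expired or listed in its issuer's CRL. The certificates, names, expiry day numbers and the revoked entry are constructed sample data; a real implementation would also verify each signature.

```python
from collections import deque
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    not_after: int       # expiry as a day number (constructed; stands in for a real date)
    is_ca: bool = False  # True for CA certificates, including cross-certificates

class PKI:
    """All certificates known to the relying party, indexed by subject name."""
    def __init__(self, certs, revoked=()):
        self.by_subject = {}
        for c in certs:
            self.by_subject.setdefault(c.subject, []).append(c)
        self.revoked = set(revoked)  # (issuer, subject) pairs taken from issuers' CRLs

    def usable(self, cert, today):
        # The two checks the text names: not expired and not on the issuer's CRL.
        return cert.not_after >= today and (cert.issuer, cert.subject) not in self.revoked

    def find_path(self, end_entity, trust_list, today):
        """Breadth-first path discovery towards any CA in the relying party's trust list."""
        queue = deque([[end_entity]])
        while queue:
            path = queue.popleft()
            last = path[-1]
            if not self.usable(last, today):
                continue
            if last.issuer in trust_list:    # reached a trust point: path is complete
                return path                  # end-entity certificate first
            for cand in self.by_subject.get(last.issuer, []):
                if cand.is_ca and cand.subject != cand.issuer and cand not in path:
                    queue.append(path + [cand])
        return None                          # no usable path to a trusted CA

# Constructed sample data: a hierarchy under "Root" plus a mesh of two cross-certified CAs.
BOB   = Cert("bob", "HR-CA", not_after=400)
EVE   = Cert("eve", "HR-CA", not_after=400)           # revoked by HR-CA below
DAVE  = Cert("dave", "Ops-CA", not_after=100)         # already expired on day 200
CAROL = Cert("carol", "Ops-CA", not_after=400)
CERTS = [
    BOB, EVE, DAVE, CAROL,
    Cert("HR-CA", "Root", 900, is_ca=True),           # hierarchical: Root -> HR-CA
    Cert("Ops-CA", "Eng-CA", 900, is_ca=True),        # mesh: Eng-CA cross-certifies Ops-CA
    Cert("Eng-CA", "Ops-CA", 900, is_ca=True),        # mesh: Ops-CA cross-certifies Eng-CA
]
PKI_EXAMPLE = PKI(CERTS, revoked={("HR-CA", "eve")})
ALICE_TRUST = {"Root", "Eng-CA"}  # Alice's trust list: two trust points
```

Carol's path reaches Alice's trust point Eng-CA only through the cross-certificate, and disappears if Alice trusts Root alone, which is the mesh-versus-hierarchy difference in one call.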
