Security issues in PKI and certification authority design

Much of the literature related to public key infrastructure (PKI) uses terms such as "trust" extensively and assumes that certification authorities (CAs) are trusted third parties (TTPs). Also, in analyzing the security of CAs, most of the emphasis is on protecting CA private keys and on accurate authentication of the requester of a certificate. This paper adopts a different perspective on these topics. It argues that, in the best circumstances, CAs should not have to be trusted explicitly. Rather. "natural" CAs merit an implied trust due to their position as authoritative entities responsible for name spaces, authorization information, etc. This approach to PKI has numerous advantages relative to the TTP model. With regard to CA security, we argue that there is one, primary, CA security requirement, and all others derive from it. This perspective results in a slightly different view of what is critical to CA security. More importantly, it argues for a system approach to CA security, and suggests a way of focusing attention on a very small part of the CA system to achieve a very high level of security.