Trust Models

Question 1

Web of Trust

Answer 1

• Decentralized trust model
• To establish the authenticity of the binding public key <-> user
• Used in PGP, GnuPG, and other OpenPGP-compatible systems
• Each party = end-user & CA at the same time (all users distribute their own public keys, and certify those of other users)

Question 2

Key validity vs. owner trust

Answer 2

• Key validity: Is the key owner who they claim to be?
• Owner trust: Is the key owner reliable (in respect to signing keys of others)?

Question 3

Assigning key validity and owner trust

Answer 3

• Key validity:
  -> manually set (key signing)
  -> computed from the trust in the corresponding signers, only considering signers with key validity “complete”
• Owner trust: manually set (trust setting)

Question 4

Owner trust levels

Answer 4

• unknown
• none: The owner is known to improperly sign keys
• marginal: The owner is known to properly sign keys
• complete: The owner is known to put great care in key signing
• ultimate: The owner is known to put great care in keys signing, and is allowed to make trust decisions for you

Question 5

Key validity levels

Answer 5

• unknown
• marginal: The key probably belongs to the name
• complete: The key definitely belongs to the name
• ultimate: own keys

Question 6

Key validity computation: complete

Answer 6

• Key is signed by at least one user with owner trust complete
• Key is signed by at least x names with owner trust marginal

Question 7

Key validity computation: marginal

Answer 7

• If the key is signed by less than x names with owner trust marginal

Question 8

Key validity computation: unknown

Answer 8

If the key is signed by no name with at least owner trust marginal

Question 9

Trust signatures & trusted introducers

Answer 9

• trust signature is a special type of signature: The signer asserts that the key is not only valid but also trustworthy at the specified level
• Allows trust delegation along a chain of signatures

Question 10

PGP Disadvantages

Answer 10

• PGP lacks forward secrecy
• No supervision regarding upgrading algorithms and parameters
• Bad scalability

Question 11

Hierarchical trust

Answer 11

• Model with trust anchor and certification path (and intermediate CAs)

Question 12

Trust models in multiple hierarchies: Methods

Answer 12

• Trusted list
• Common root
• Cross-certification
• Bridge

Question 13

Trusted list

Answer 13

• Every participant has a list of trusted CAs
• Every user maintains their own list
• Used in web browsers (preinstalled + user defined)

Question 14

Common root

Answer 14

• Every user who trusts root accepts every other end-user certificate

Question 15

Cross-certification

Answer 15

Root CA 1 issues certificate for CA 2 (can be bilateral) or for intermediate CAs

Question 16

Bridge

Answer 16

• Idea: Bridge CA has cross-verifications with CA 1 and CA 2
• Is not subordinate to a third CA

Question 17

X.509 certificate extension: Basic Constraints

Answer 17

• Identifies whether the subject of the certificate is a CA and the maximum number of non-self-issued intermediate certificates that may follow this certificate in a valid certification path
• Must be included in CA certificates
• Critical
• If pathlength is not present -> no limit

Question 18

Problems with CAs

Answer 18

• huge number
• governmental access
• no globally standardized mechanism to ensure a CAs trustworthiness
• Any CA ultimately fallible