| [ << ] | [ < ] | [ Up ] | [ > ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
4.2 X.509 certificates
The X.509 protocols rely on a hierarchical trust model. In this trust model Certification Authorities (CAs) are used to certify entities. Usually more than one certification authorities exist, and certification authorities may certify other authorities to issue certificates as well, following a hierarchical model.
Figure 4.1: An example of the X.509 hierarchical trust model.
One needs to trust one or more CAs for his secure communications. In that case only the certificates issued by the trusted authorities are acceptable. The framework is illustrated on Figure 4.1.
| 4.2.1 X.509 certificate structure | ||
| 4.2.2 Verifying X.509 certificate paths | ||
| 4.2.3 Verifying a certificate in the context of TLS session |
This document was generated on January 4, 2012 using texi2html 5.0.