3

I was reading an example from my textbook about verifying a certificate from a client using a certificate network. The example in the book is as follows:

A issues a certificate to B.
A issues a certificate to C.
A issues a certificate to D.
B issues a certificate to D.
C issues a certificate to A.
C issues a certificate to Alice.
B issues a certificate to Bob.

Bob wants to verify Alice's key. What is the path in the certificate network to do so?

I've drawn out the diagram but I don't see anyway such a verification possible as Bob's certificate provider is B, which has a one directional relationship with A, such that A "trusts" B, but not the other way around. Is there even a path that would solve the problem?

e-sushi
  • 17,891
  • 12
  • 83
  • 229
Robert
  • 31
  • 1

1 Answers1

-1

Quoting SEJPM's (now removed) comments:

For the convenience of any answerer, I've rendered the graph and answerers may use it (and any derivatives) at their will. If required I can also provide vector graphic versions of it.

enter image description here

In this case one could argue that A issued both bob's and alice's cert indirectly and thus either party seems to trust A to certify CAs and thus they trust each other's cert. (But this doesn't really sound convincing to me -> no answer)

Thanks to @SEJPM for adding the graph. With what you stated you were give, it would not be possible for Bob to verify Alice's certificate.

Community
  • 1
tpm900
  • 203
  • 2
  • 5