Jump to content

Trust anchor

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by 192.176.1.79 (talk) at 12:33, 11 October 2022. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

In cryptographic systems with hierarchical structure, a trust anchor is an authoritative entity for which trust is assumed and not derived.[1]

In the X.509 architecture, a root certificate would be the trust anchor from which the whole chain of trust is derived. The trust anchor must be in the possession of the trusting party beforehand to make any further certificate path validation possible.

Most operating systems provide a built-in list of self-signed root certificates to act as trust anchors for applications. The Firefox web browser also provides its own list of trust anchors. The end-user of an operating system or web browser is implicitly trusting in the correct operation of that software, and the software manufacturer in turn is delegating trust for certain cryptographic operations to the certificate authorities responsible for the root certificates.

References

  1. ^ "Trust Anchor Format". RFC 5914. IETF. Retrieved March 30, 2022.


Stub icon

This computer security article is a stub. You can help Wikipedia by expanding it.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Trust_anchor&oldid=1115430615"