The problem with multiple roots in Web browsers-certificate masquerading

Abstract

Much work is going into securing the public key infrastructure (PKI). Various models for trust exist; Pretty Good Privacy (PGP) and the Progressive-Constraint Trust model are examples. These models describe how to protect and ensure the interrelationships of their certificate based structures; however, vulnerabilities may arise when structures based on certificate authorities (CAs) are involved. The vulnerability is based upon multiple root certificate authorities. The paper examines the need for improved methods for verifying the binding of a certificate authority (root) to the source of a protocol's messages. The protection mechanisms developed for protecting and ensuring this binding within a CA hierarchy can break down in environments where multiple roots exist. This can lead to the possibility of a CA undermining the trust placed in a peer CA.