pkc_trustlist_intro(3sec)Introduction to the certificate manipulation facility Description This reference page describes the data types used by the certificate manipulation facility. The certificate manipulation routines are a C++ interface. C++ must be used to perform direct certificate manipulation. Trust Lists The trust list is the fundamental object within the certificate manipulation facility. A trust list is a set of keys which are trusted, plus a list of revoked certificate serial numbers. Keys are inserted into a trust list either directly (via the pkc_add_trusted_key(3sec) function) or indirectly (via the pkc_check_cert_against_trustlist(3sec) function). The latter routine will only add keys if the certificate signature can be verified by a key already in the trust list, and if the certificate has not been revoked. Currently, trust lists are relatively static objects: once a key is inserted, its trust properties do not change. If, for example, a key is added that is capable of extending the trust in another key within the list, the second key is not automatically updated. Using the Certificate Manipulation Facility The way that a policy module is expected to use the facility is as follows. 1. Create an initial trust list containing the directly trusted keys, that is, the start point(s) of all valid trust chains. Typically, this set of keys will be used for multiple certificate chain evaluations. If the policy wishes to impose additional path constraints over the constraints expressed within the certificates, it must maintain a master copy of the original trust list and clone it to create a modifiable version for each chain the policy module wants to verify. After verification of a candidate chain, the cloned trustlist must be discarded so that the next trial verification starts from a known state. 2. Using the initial trust list as a starting point, the policy module retrieves a chain of certificates and adds them to the trust list one by one, starting with the certificate(s) closest to the start point(s). Multiple chains may be evaluated simultaneously using a single trust list for policies that do not wish to impose additional constraints on the trust chain; however the policy module must ensure that for each trust chain, certificates are added in the correct order. A future auto-update enhancement may lift this requirement. Related Information
Functions:
Classes:
|