
Let's assume we have a structure with a root certificate with lots of "child" certificates.

A message is transmitted which is signed by any of the child certificates. The receiver has stored the root certificate and receives the child certificate in line with the message.

Am I right in assuming that the receiver can now check whether the child certificate is really a child of the root certificate (Chain of Trust) and is afterwards able to use the public key of the child certificate to verify the signature? So every child certificate is able to sign the message, which can be checked by the receiver - right?

  • Yup. You got it. That’s the gist of PKI. – StackzOfZtuff Apr 18 '18 at 18:33
  • Although actual root CAs usually don't issue end-entity certs directly, but instead use at least one Intermediate aka Subordinate CA (sometimes more), and validation requires also providing or obtaining and similarly checking the intermediate CA cert(s), often called 'chain' cert(s). In particular for the public web (admittedly not the case asked) CABForum Baseline Requirements 6.1.7 prohibits a root CA from directly issuing subscriber certs (effective 2016-06-30). See https://security.stackexchange.com/questions/56389/ssl-certificate-framework-101-how-does-the-browser-actually-verify- – dave_thompson_085 Apr 19 '18 at 03:10
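
The two-step check described in the question, as an added Go example that is not part of the original thread: the receiver first validates the child certificate against its stored root, then uses the child's public key to verify the message signature. The names `issue` and `VerifyMessage`, the Ed25519 keys and the certificate subjects are assumptions made for illustration; intermediate CA certificates, as raised in the comment above, would be supplied through `VerifyOptions.Intermediates`.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue builds a constructed test certificate; parent == nil yields a self-signed root CA.
func issue(cn string, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject: pkix.Name{CommonName: cn}, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageDigitalSignature,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	if parent == nil { // root: CA flag set, signs itself
		tpl.IsCA, tpl.KeyUsage, parent, parentKey = true, x509.KeyUsageCertSign, tpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tpl, parent, pub, parentKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// VerifyMessage is the receiver: only root is trusted; child, msg and sig come from the sender.
func VerifyMessage(root, child *x509.Certificate, msg, sig []byte) error {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	opts := x509.VerifyOptions{Roots: pool, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := child.Verify(opts); err != nil { // step 1: was child issued under root?
		return fmt.Errorf("chain of trust: %w", err)
	}
	pub, ok := child.PublicKey.(ed25519.PublicKey)
	if !ok || !ed25519.Verify(pub, msg, sig) { // step 2: child's public key checks the message
		return fmt.Errorf("signature invalid")
	}
	return nil
}

func main() {
	root, rootKey := issue("Example Root", nil, nil)
	child, childKey := issue("Example Child", root, rootKey)
	fmt.Println(VerifyMessage(root, child, []byte("hi"), ed25519.Sign(childKey, []byte("hi"))))
}
```

The order matters: the child's public key is only used after the chain check succeeds, so a certificate issued under a different root is rejected even when its signature over the message is mathematically valid.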

0 Answers