In
cryptographic
Cryptography, or cryptology (from "hidden, secret"; and ''graphein'', "to write", or '' -logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of adversarial behavior. More gen ...
systems with hierarchical structure, a trust anchor is an authoritative entity for which trust is assumed and not derived.
In the
X.509 architecture, a
root certificate would be the trust anchor from which the whole
chain of trust is derived. The trust anchor must be in the possession of the trusting party beforehand to make any further
certificate path validation possible.
Most operating systems provide a built-in list of self-signed
root certificates to act as trust anchors for applications. The
Firefox
Mozilla Firefox, or simply Firefox, is a free and open-source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation. It uses the Gecko rendering engine to display web pages, which implements curr ...
web browser also provides its own list of trust anchors. The end-user of an operating system or web browser is implicitly trusting in the correct operation of that software, and the software manufacturer in turn is delegating trust for certain cryptographic operations to the
certificate authorities responsible for the root certificates.
See also
*
Web of trust
In cryptography, a web of trust is a concept used in PGP, GnuPG, and other OpenPGP-compatible systems to establish the authenticity of the binding between a public key and its owner. Its decentralized trust model is an alternative to the ...
References
Key management
{{computer-security-stub