{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,10]],"date-time":"2026-02-10T18:55:36Z","timestamp":1770749736546,"version":"3.50.0"},"reference-count":15,"publisher":"Wiley","license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Security and Communication Networks"],"published-print":{"date-parts":[[2017]]},"abstract":"<jats:p>A Public Key Infrastructure (PKI) is considered one of the most important techniques used to propagate trust in authentication over the Internet. This technology is based on a trust model defined by the original X.509 (1988) standard and is composed of three entities: the certification authority (CA), the certificate holder (or subject), and the Relying Party (RP). The CA plays the role of a trusted third party between the certificate holder and the RP. In many use cases, this trust model has worked successfully. However, we argue that the application of this model on the Internet implies that web users need to depend on almost anyone in the world in order to use PKI technology. Thus, we believe that the current TLS system is not fit for purpose and must be revisited as a whole. In response, the latest draft edition of X.509 has proposed a new trust model by adding new entity called the Trust Broker (TB). In this paper, we present an implementation approach that a Trust Broker could follow in order to give RPs trust information about a CA by assessing the quality of its issued certificates. This is related to the quality of the CA\u2019s policies and procedures and its commitment to them. Finally, we present our Trust Broker implementation that demonstrates how RPs can make informed decisions about certificate holders in the context of the global web, without requiring large processing resources themselves.<\/jats:p>","DOI":"10.1155\/2017\/6907146","type":"journal-article","created":{"date-parts":[[2017,2,9]],"date-time":"2017-02-09T16:01:47Z","timestamp":1486656107000},"page":"1-23","source":"Crossref","is-referenced-by-count":9,"title":["Trust Management for Public Key Infrastructures: Implementing the X.509 Trust Broker"],"prefix":"10.1155","volume":"2017","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-1385-4462","authenticated-orcid":true,"given":"Ahmad Samer","family":"Wazan","sequence":"first","affiliation":[{"name":"Paul Sabatier University, Toulouse, France"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0943-6180","authenticated-orcid":true,"given":"Romain","family":"Laborde","sequence":"additional","affiliation":[{"name":"Paul Sabatier University, Toulouse, France"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"David W.","family":"Chadwick","sequence":"additional","affiliation":[{"name":"University of Kent, Kent, UK"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Francois","family":"Barrere","sequence":"additional","affiliation":[{"name":"Paul Sabatier University, Toulouse, France"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Abdelmalek","family":"Benzekri","sequence":"additional","affiliation":[{"name":"Paul Sabatier University, Toulouse, France"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mustafa","family":"Kaiiali","sequence":"additional","affiliation":[{"name":"Queen\u2019s University, Belfast, UK"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Adib","family":"Habbal","sequence":"additional","affiliation":[{"name":"Universiti Utara Malaysia, Kedah, Malaysia"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"311","reference":[{"key":"38","doi-asserted-by":"publisher","DOI":"10.1145\/1065545.1065546"},{"key":"26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"118","DOI":"10.1007\/11533733_8","volume-title":"Modeling public key infrastructures in the real world","volume":"3545","year":"2005"},{"key":"20","doi-asserted-by":"publisher","DOI":"10.1007\/10718964_16"},{"key":"9","doi-asserted-by":"publisher","DOI":"10.1109\/msp.2008.49"},{"key":"37","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"crossref","first-page":"432","DOI":"10.1007\/978-3-642-01244-0_38","volume-title":"Which web browsers process ssl certificates in a standardized way?","volume":"297","year":"2009"},{"key":"24","first-page":"94","volume-title":"Familiarity, confidence, trust: problems and alternatives","year":"2000"},{"key":"35","first-page":"68","volume-title":"PKI interoperability: still an issue? A solution in the X.509 realm","year":"2013"},{"key":"18","year":"2016"},{"key":"32","doi-asserted-by":"publisher","DOI":"10.1002\/sec.198"},{"key":"25","year":"1962"},{"key":"23","year":"1979"},{"key":"2","year":"1983"},{"key":"1","doi-asserted-by":"publisher","DOI":"10.1086\/292745"},{"key":"15","first-page":"213","volume-title":"Can we trust trust?","year":"1988"},{"key":"5","doi-asserted-by":"publisher","DOI":"10.1016\/s0167-4048(01)00710-6"}],"container-title":["Security and Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2017\/6907146.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2017\/6907146.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2017\/6907146.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,6,25]],"date-time":"2017-06-25T06:12:58Z","timestamp":1498371178000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.hindawi.com\/journals\/scn\/2017\/6907146\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"references-count":15,"alternative-id":["6907146","6907146"],"URL":"https:\/\/doi.org\/10.1155\/2017\/6907146","relation":{},"ISSN":["1939-0114","1939-0122"],"issn-type":[{"value":"1939-0114","type":"print"},{"value":"1939-0122","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]}}}