PKIs are complex distributed systems that are responsible
for giving users enough information to make reasonable trust
judgments about one another. Since the currencies of PKI
are trust and certificates, users who make trust decisions
(often called relying parties) must do so using only some
initial trust beliefs about the PKI and some pile of
certificates (and other assertions) they received from the
PKI. Given a certificate, a relying party needs to conclude
that the keyholder described by the certificate actually
possesses the properties described by the certificate. In
this paper, we present a calculus that allows relying
parties to make such trust judgements. Our calculus extends
Maurer's deterministic model, and is focused on real world
issues such as time, revocation, delegation, and
heterogeneous certificate formats. We then demonstrate how
our calculus can be used to reason about numerous situations
that arise in practice.
John Marchesini and Sean W. Smith.
"Modeling Public Key Infrastructures in the Real World."
Public Key Infrastructure: EuroPKI 2005.
Springer-Verlag LNCS. June 2005.