Trust Chain
Full Title or Meme
An ordered sequence of Trust Links from the Leaf Node to a Trust Authority that is part of an Ecosystem, which enables a trust decision to be made.
Context
Historically, cryptography has been supplied in special boxes with manually distributed keying systems.
Solutions
OIDF Federation Spec
Report from Roland Hedberg about the OIDF Trust Registry.
When a trust chain is collected and evaluated, a well-defined pattern is required:
1. Collect the leaf's Entity Configuration.
2. For each entity_id in authority_hints, collect the superior's Entity Configuration.
3. Fetch the Entity Statement from the superior about the subordinate.
4. Repeat from step 2 until the Trust Anchor is reached.
This will result in collecting something like this:
1. Leaf Entity Configuration
2. Intermediate (A) Entity Configuration
3. Intermediate (A) Entity Statement about Leaf
4. Intermediate (B) Entity Configuration
5. Intermediate (B) Entity Statement about Intermediate (A)
6. Trust Anchor's Entity Configuration
7. Trust Anchor's Entity Statement about Intermediate (B)
That is, alternating Entity Configurations and Entity Statements.
The trust chain is defined to contain elements 1, 3, 5 and 7: the leaf's Entity Configuration followed by each superior's Entity Statement about its subordinate.
Given that the entity collecting the trust chain holds the key of the Trust Anchor, the trust chain can be verified from the Trust Anchor downward and the leaf's metadata can be constructed.
It is assumed that the Trust Anchor rotates its signing keys. The new keys can be distributed to the federation entities in some out-of-band way, or possibly by adding the Trust Anchor's Entity Configuration to the trust chain.
Adding the Trust Anchor's Entity Configuration should be optional and, if done, it should be added as the last element in the trust chain.
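The collection pattern and the top-down verification above, as an added example that is not part of this page or of the OIDF specification. It builds a constructed four-entity federation (Leaf, Intermediate A, Intermediate B, Trust Anchor) in memory, collects the seven elements in the order listed, extracts elements 1, 3, 5 and 7 as the trust chain, and then verifies it starting from the Trust Anchor's key, using the jwks carried in each verified statement to check the next one down. The signing layer is a stand-in: real Entity Statements are JWTs signed with asymmetric keys, whereas this example uses HMAC keys derived from entity names so that it runs with the standard library only; the key-chaining logic is what the example is meant to show. All entity names, keys and the fetch functions are assumptions.

```python
import base64
import hashlib
import hmac
import json

# ---- Toy signing layer (stand-in for the JWS signing used by OpenID Federation) ----
# Assumption: each entity's "key" is a symmetric HMAC key derived from its name.
# Real Entity Statements publish asymmetric public keys in "jwks"; the chaining is identical.

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(payload: dict, key: bytes) -> str:
    body = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return f"{_b64(body)}.{_b64(tag)}"

def peek(token: str) -> dict:
    """Read a statement's payload WITHOUT verifying it (only used while collecting)."""
    return json.loads(_unb64(token.split(".")[0]))

def verify(token: str, key: bytes) -> dict:
    body_b64, tag_b64 = token.split(".")
    body = _unb64(body_b64)
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _unb64(tag_b64)):
        raise ValueError("signature check failed")
    return json.loads(body)

# ---- Constructed federation: leaf -> A -> B -> TA (all names and keys are assumptions) ----
KEYS = {name: hashlib.sha256(name.encode()).digest() for name in ("leaf", "A", "B", "TA")}
AUTHORITY_HINTS = {"leaf": ["A"], "A": ["B"], "B": ["TA"], "TA": []}
SUBORDINATES = {"A": ["leaf"], "B": ["A"], "TA": ["B"]}

def fetch_entity_configuration(entity_id: str) -> str:
    """Self-signed statement an entity publishes about itself (iss == sub)."""
    return sign({"iss": entity_id, "sub": entity_id, "jwks": _b64(KEYS[entity_id]),
                 "authority_hints": AUTHORITY_HINTS[entity_id],
                 "metadata": {"name": f"{entity_id} service"}}, KEYS[entity_id])

def fetch_entity_statement(superior: str, subordinate: str) -> str:
    """Statement signed by a superior about a subordinate, carrying the subordinate's key."""
    if subordinate not in SUBORDINATES.get(superior, []):
        raise LookupError(f"{superior} does not vouch for {subordinate}")
    return sign({"iss": superior, "sub": subordinate, "jwks": _b64(KEYS[subordinate])}, KEYS[superior])

# ---- Collection (steps 1-4 of the page) and verification ----
def collect(leaf_id, trust_anchor_id, fetch_ec=fetch_entity_configuration, fetch_es=fetch_entity_statement):
    """Return the alternating EC/ES list of the page (7 elements for a three-hop path)."""
    ec = fetch_ec(leaf_id)
    collected, current = [ec], leaf_id
    while current != trust_anchor_id:
        hints = peek(ec)["authority_hints"]
        if not hints:
            raise ValueError(f"{current} has no authority_hints; {trust_anchor_id} not reached")
        superior = hints[0]  # single path in this constructed federation
        ec = fetch_ec(superior)
        collected += [ec, fetch_es(superior, current)]
        current = superior
    return collected

def trust_chain(collected: list) -> list:
    """Elements 1, 3, 5, 7: the leaf EC plus each superior's statement about its subordinate."""
    return collected[0::2]

def verify_chain(chain: list, trust_anchor_key: bytes) -> dict:
    """Verify from the Trust Anchor down, using each verified statement's jwks for the next.
    Returns the leaf's verified payload or raises ValueError."""
    chain = list(chain)
    top = peek(chain[-1])
    if top["iss"] == top["sub"]:  # optional last element: the Trust Anchor's own EC
        verify(chain.pop(), trust_anchor_key)
    key, expected_iss = trust_anchor_key, None
    for token in reversed(chain):
        stmt = verify(token, key)
        if expected_iss is not None and stmt["iss"] != expected_iss:
            raise ValueError(f"chain broken: expected a statement issued by {expected_iss}")
        key, expected_iss = _unb64(stmt["jwks"]), stmt["sub"]
    if stmt["iss"] != stmt["sub"]:
        raise ValueError("chain does not end in a leaf Entity Configuration")
    return stmt

def demo() -> dict:
    collected = collect("leaf", "TA")
    chain = trust_chain(collected)
    leaf = verify_chain(chain, KEYS["TA"])
    # A statement about A signed with a key that B never published must be rejected,
    # because B's key (taken from the Trust Anchor's statement) does not verify it.
    rogue = sign({"iss": "B", "sub": "A", "jwks": _b64(b"unpublished-key")}, b"unpublished-key")
    try:
        verify_chain(chain[:2] + [rogue] + chain[3:], KEYS["TA"])
        rogue_accepted = True
    except ValueError:
        rogue_accepted = False
    return {"collected": len(collected), "chain": len(chain),
            "leaf_metadata": leaf["metadata"], "rogue_accepted": rogue_accepted}

if __name__ == "__main__":
    print(demo())  # collected 7, chain 4, leaf metadata recovered, rogue statement rejected
```

Note that `peek` is used only during collection, where authority_hints must be read before anything can be verified; no decision is based on unverified content, because `verify_chain` re-checks every element from the Trust Anchor's key downward.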
Web of trust
- First created by Phil Zimmermann in 1991 to handle keys for his secure mail program PGP. This effort has been compared to an Emergent Behavior of an Identity Ecosystem.
- A history of end-to-end encryption and the death of PGP is available on the web.
- The first commercial version of PGP with a hardware crypto card created by National Semiconductor was created by Tom Jones at ViaCrypt in 1995.
- As the Decentralized ID program began around 2011, RWOT (Rebooting the Web of Trust) started to try yet again.
- A categorized list of papers produced by the Rebooting the Web of Trust design workshop is available.
- It could be argued that Bitcoin and other Blockchain products carry an implicit web of trust.
- There appears to be no technology forthcoming in 2024 that will enable a significant community to emerge.
Data Risks of AI
Generative artificial intelligence (GenAI) represents the proliferation of data, while blockchain represents data scarcity. These two technologies can balance and check each other.[1]
References
- ↑ Linda Jeng et al., Chains of Trust: Combating Synthetic Data Risks of AI, https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4854347