Clearing House in Multi-rooted PKI

Alexander Liss


Multi-rooted Public Key Infrastructure (PKI) is an approach to PKI design, where it is anticipated that independently developed PKIs eventually cooperate and form a Multi-rooted PKI with cross-certificates and joint revocation management.

If a PKI is initially designed as Multi-rooted, it is easier to integrate it into such a family of PKIs.

However, Multi-rooted PKI has a few problems, which Single-rooted PKI does not have.

First is a multitude of cross-certificates to manage.

Second is the complicated management of certificate revocation, either through Revocation Lists (RL) or through databases where revocation information can be found.

Third is caused by the many existing unsophisticated applications which assume that an entity has only one certificate. In a Multi-rooted PKI it is possible that an entity has to choose among a set of certificates, or has to create a certificate using a cross-certificate, depending on the counterpart.

All these problems can be solved with a PKI Clearing House.

A Multi-rooted PKI can be presented as a set of single-rooted PKIs, where a given PKI has a "trust domain" for each counterpart PKI. In this "trust domain" the certificates of the counterpart PKI are treated as its own certificates.

These certificates are recognized as trusted by appending a cross-certificate to each of them. The resulting certificate looks exactly like an own certificate: the last unit in the chain is a unit associated with an own root key.

The PKI Clearing House is a single-rooted PKI from this set of PKIs dedicated to a special role: managing cross-certificates and passing revocation information between PKIs.

Each cross-certificate is signed by the PKI Clearing House and not by a particular PKI's root. A particular PKI treats the root of the PKI Clearing House as its own root in its "trust domain".

In the general case there is a "trust domain" associated with each counterpart; now there is only one "trust domain" for all counterparts.

The PKI Clearing House signs cross-certificates on behalf of other PKIs. Hence, these PKIs should control this procedure through setting rules and auditing, and through an explicit unanimous confirmation of each root certificate to be cross-certified (signed by the PKI Clearing House).

The PKI Clearing House collects revocation information from all PKIs and distributes collected information back to them.

Such a "star" configuration dramatically reduces the number of needed cross-certificates and the number of transmissions needed to manage revocation. Through the PKI Clearing House, uniform procedures of cross-certification and revocation management can be naturally supported.

A certificate amended with a cross-certificate signed by the PKI Clearing House looks exactly like a certificate generated in a single-rooted PKI; hence applications written to support only a single-rooted PKI can use it (if they can handle certificate chains).

A revocation of the root key of the PKI Clearing House leads to the conversion of "long" certificates, which end with a cross-certificate, into "short" ones, with the cross-certificate removed. This is a relatively inexpensive way of damage containment in the case of a compromise of the PKI Clearing House.
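The following Python model is an added example, not code from the article or from any PKI product, covering the chain construction of the "trust domain" discussion, the cross-certificate count of the "star" configuration, and the "long" to "short" fallback when the Clearing House root key is revoked. All names (PKIs A and B, CA "B-ca", subject "bob", Clearing House "CH") are constructed, and an HMAC tag stands in for a real asymmetric signature, since the point is the chain logic rather than the signature primitive.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Cert:
    """Minimal certificate: who it names, who signed it, and a signature tag."""
    subject: str
    issuer: str
    tag: bytes


class Issuer:
    """A signing key holder (root, intermediate CA, or the Clearing House).
    The HMAC tag is a stand-in for a real signature (assumption of this model)."""

    def __init__(self, name: str) -> None:
        self.name = name
        self._key = secrets.token_bytes(32)

    def _tag(self, subject: str) -> bytes:
        return hmac.new(self._key, f"{subject}|{self.name}".encode(), hashlib.sha256).digest()

    def issue(self, subject: str) -> Cert:
        return Cert(subject, self.name, self._tag(subject))

    def check(self, cert: Cert) -> bool:
        return cert.issuer == self.name and hmac.compare_digest(self._tag(cert.subject), cert.tag)


def cross_certs_needed(n_pkis: int, with_clearing_house: bool) -> int:
    """Pairwise cross-certification needs one cross-certificate per ordered pair
    of PKIs; the star configuration needs one per PKI, signed by the Clearing House."""
    return n_pkis if with_clearing_house else n_pkis * (n_pkis - 1)


def build_chain(leaf: Cert, certs: dict, cross_certs: dict) -> list:
    """Walk issuer links up to the self-signed root. If the Clearing House has
    cross-certified that root, the cross-certificate replaces the self-signed
    root certificate as the last unit, giving a "long" chain."""
    chain = [leaf]
    while chain[-1].subject != chain[-1].issuer:
        chain.append(certs[chain[-1].issuer])
    root_name = chain[-1].subject
    if root_name in cross_certs:
        chain[-1] = cross_certs[root_name]
    return chain


def shorten(chain: list, certs: dict) -> list:
    """Damage containment after the Clearing House root key is revoked:
    drop the cross-certificate and put the self-signed root back."""
    last = chain[-1]
    if last.subject == last.issuer:
        return list(chain)  # already a "short" chain
    return chain[:-1] + [certs[last.subject]]


def validate(chain: list, issuers: dict, trusted_roots: set, revoked_roots: set) -> bool:
    """Relying-party check: links match, every signature verifies, and the final
    issuer is a trusted, non-revoked root of this trust domain."""
    for i, cert in enumerate(chain):
        if i + 1 < len(chain) and cert.issuer != chain[i + 1].subject:
            return False
        issuer = issuers.get(cert.issuer)
        if issuer is None or not issuer.check(cert):
            return False
    anchor = chain[-1].issuer
    return anchor in trusted_roots and anchor not in revoked_roots


def demo() -> dict:
    """Constructed scenario: PKIs A and B, each with a root, joined through a
    Clearing House named CH. A relying party in A trusts A-root and CH only."""
    a_root, b_root, b_ca, ch = Issuer("A-root"), Issuer("B-root"), Issuer("B-ca"), Issuer("CH")
    issuers = {i.name: i for i in (a_root, b_root, b_ca, ch)}
    certs = {
        "A-root": a_root.issue("A-root"),  # self-signed roots
        "B-root": b_root.issue("B-root"),
        "B-ca": b_root.issue("B-ca"),
        "bob": b_ca.issue("bob"),
    }
    cross_certs = {name: ch.issue(name) for name in ("A-root", "B-root")}

    long_chain = build_chain(certs["bob"], certs, cross_certs)
    short_chain = shorten(long_chain, certs)
    a_domain = {"A-root", "CH"}  # PKI A treats the Clearing House root as its own
    return {
        "long_chain_len": len(long_chain),
        "a_accepts_long": validate(long_chain, issuers, a_domain, set()),
        "a_rejects_after_ch_revoked": not validate(long_chain, issuers, a_domain, {"CH"}),
        "b_accepts_short": validate(short_chain, issuers, {"B-root"}, {"CH"}),
        "a_rejects_short": not validate(short_chain, issuers, a_domain, {"CH"}),
    }


if __name__ == "__main__":
    print(cross_certs_needed(4, False), cross_certs_needed(4, True))
    print(demo())
```

The relying party in A never has to know B-root: its single trust domain is {A-root, CH}, which is what lets a single-rooted application accept Bob's "long" chain unchanged. Once CH is revoked, the same chain fails in A, and the shortened chain is accepted only inside B, which is the containment the article describes.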