Evaluating Third Party Root Certificates for Corporate PKI Trust Stores

Author

James Miller, University College

Date of Award

7-30-2011

Document Type

Undergraduate Capstone Project

Degree Name

Master of Applied Science

Organizational Unit

University College, Informtaion and Communications Technology

Disciplines

Information & Comm Technology

First Advisor

Harry Smith

Keywords

Public key infrastructure (PKI), Certificate, Trust, Root

Abstract

The Trusted Root Certification Authorities store is the trust anchor for PKI- enabled applications running in a Microsoft Windows environment. Inclusion of less-than-desirable root certificates has the potential to lead to serious consequences, including system compromise or malware infections. For this reason, an organization should vet each certificate that is added to this repository rather than to trust the default contents provided by the vendor. A careful examination of the certificate authority's certification practice statement along with inspection of critical fields in the root certificate and associated subordinate certificates provides an acceptable vetting process.

Publication Statement

Copyright is held by the author. Permanently suppressed.

Recommended Citation

Miller, James, "Evaluating Third Party Root Certificates for Corporate PKI Trust Stores" (2011). University College: Information and Communications Technology Capstones. 17.
https://digitalcommons.du.edu/ucol_ict/17