Next: Feedback Up: Trust assignment mechanisms Previous: Known principals Contents Index
If an untrusted principal A present a certificate signed by a trusted principal B, a B must have trusted A to some degree, otherwise B would not have signed the certificate. As a result, a small amount of trust can now be assigned directly to A.
This principle can be extended to signature delegation chains, although it becomes very tentative after only a few levels of delegation.