What is a trust anchor in PKI?

Prepare for the DSAC-11 Annex B Test. Study with our quiz featuring flashcards and multiple-choice questions, each question accompanied by hints and explanations. Get ready to excel!

Multiple Choice

What is a trust anchor in PKI?

Explanation:
In PKI, a trust anchor is the root certificate that establishes a chain of trust. It’s the certificate that is trusted directly by the system or application (usually pre-installed in a trusted store) and serves as the starting point for cert validation. When a certificate is checked, the verifier builds a chain from the end-entity certificate up through any intermediate certificates until it reaches this trusted root. If the chain cannot be linked to the trusted root, the certificate isn’t trusted. The other options describe parts of the PKI process that aren’t the starting point of trust: a mid-chain certificate is just part of the path, a private key used for signing is a signing credential not the anchor, and a timestamp is used for revocation or freshness checks rather than establishing trust.

In PKI, a trust anchor is the root certificate that establishes a chain of trust. It’s the certificate that is trusted directly by the system or application (usually pre-installed in a trusted store) and serves as the starting point for cert validation. When a certificate is checked, the verifier builds a chain from the end-entity certificate up through any intermediate certificates until it reaches this trusted root. If the chain cannot be linked to the trusted root, the certificate isn’t trusted. The other options describe parts of the PKI process that aren’t the starting point of trust: a mid-chain certificate is just part of the path, a private key used for signing is a signing credential not the anchor, and a timestamp is used for revocation or freshness checks rather than establishing trust.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy