Storing Trust Policy

Stef Walter

Red Hat Inc.

... with a lot of insight from others

Revision: Take two


Status of this document
Model: Anchors and Blacklists
1. Introduction
2. Concepts
3. Model
I. Concrete Representations
Representation: PKCS#11
Representation: C API
Representation: JSON
Representation: DBus API
Retrofiting Existing Implementations
1. Retrofit: Bundle of anchors
2. Retrofit: Extra validation
3. Retrofit: NSS trust objects
4. Retrofit: OpenSSL X509_STORE
Existing Trust Storage Implementations
1. NSS Trust Objects
2. OpenSSL Trusted Certificates
3. Trust Assertions
4. Certificate Authority Bundles