Selecting a Trust Model

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

The Windows Server 2003 PKI is based on a hierarchical CA model that is composed of well-defined trust and CA naming standards. This type of CA trust model provides scalability, easy administration, and consistency with a growing number of third-party CA products.

In a hierarchical CA model, multiple CAs are organized into clearly defined parent-child relationships. Child CAs are certified by parent CA-issued certificates, which bind the public key of a CA to its identity.

With a hierarchical CA model, you minimize the number of root CAs that you need in order to verify certificates. At the same time, hierarchical CAs allow you great flexibility in the number of certificate-issuing subordinate CAs that you can use.

The basic types of CA trust hierarchies include:

  • Rooted trust model. In a rooted trust model, a CA is either a root or a subordinate, and you can use offline root CAs for the highest level of security.

  • Network (or cross-certification) trust model. In a network trust model, every CA is both a root and a subordinate.

  • Hybrid trust model. Hybrid trust models combine elements of both the rooted and network trust models.

Your PKI trust hierarchy must be based on one of these three trust models.

Whether you apply a rooted, network, or hybrid trust model to your CA infrastructure, base your trust structure on the business requirements of your organization and on the way your organization delegates responsibility for IT administration. Accordingly, your trust model might be based on one or a combination of the following:

  • Quality of identification

  • Organizational structure

  • User location