Cryptography – Trust Models

This is a quick post to help you understand trust models and how they relate to cryptography.

Trust models can be broken down into several degrees of trust. In general, a trust model can be defined as “the type of trust relationship that can exist between individuals or entities.” For example, direct trust is the relationship between two people, such as a close friend and me. A close friend of mine will trust that the certificate I gave him contains my public key since he personally knows me. A third-party trust model involves two people trusting each other due to their trust in a third party. It is similar to having a mutual friend, as I am more likely to trust someone if my close friend above trusts him.

In terms of cryptography, the hierarchical trust model, distributed trust model and bridge trust model all use a CA to establish trust. The hierarchical trust model contains a master CA at the root that is able to sign all certificates. This model is used in organizations where there is one CA responsible for the digital certs of that organization. This can be problematic, as a compromise of the CA’s private key can lead to compromise of all the certificates for that organization.

The distributed trust model occurs when organizations have several CAs that can sign their digital certs. Essentially, the workload of signing and verifying certificates is distributed as well. A compromise of a CA’s certificate will only affect the certs that were signed by that CA. The root CA has the power to delegate signing and verifying of certificates to intermediate CAs, which also helps prevent a backlog. This ordering also creates a chain that browsers can trust, as the intermediate is in the chain with the root CA. As stated in the textbook, the distributed model is the basis for end-user certificates on the internet.
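The chain and the scope of a CA compromise described above can be modelled as issuer links. This is an added example, not code from the original post or the textbook; it tracks only who issued what (no real signatures are verified), and every CA and host name in it is constructed.

```python
# Structural model only: issuer links, no cryptographic verification.
# All names below are constructed for illustration.
ANCHORS = {"Root CA"}  # trust store: roots the verifier already trusts

# Hierarchical: the single root CA signs every certificate directly.
HIERARCHICAL = {"mail.example": "Root CA", "vpn.example": "Root CA",
                "www.example": "Root CA"}

# Distributed: the root delegates signing to intermediate CAs.
DISTRIBUTED = {"Intermediate A": "Root CA", "Intermediate B": "Root CA",
               "mail.example": "Intermediate A",
               "vpn.example": "Intermediate A",
               "www.example": "Intermediate B"}

def build_chain(subject, issued_by, trust_anchors):
    """Follow issuer links from subject up to a trusted root.

    Returns [subject, ..., root]. Raises ValueError when the chain loops,
    reaches an unknown issuer, or ends at a root outside the trust store.
    """
    chain, seen = [subject], {subject}
    while chain[-1] not in trust_anchors:
        issuer = issued_by.get(chain[-1])
        if issuer is None or issuer == chain[-1]:
            raise ValueError(f"{subject}: no path to a trusted root")
        if issuer in seen:
            raise ValueError(f"{subject}: issuer loop at {issuer}")
        seen.add(issuer)
        chain.append(issuer)
    return chain

def blast_radius(compromised_ca, issued_by, trust_anchors):
    """End-entity certs whose chain passes through compromised_ca."""
    cas = set(issued_by.values())
    affected = set()
    for subject in issued_by:
        if subject in cas:
            continue  # only count end-entity (leaf) certificates
        try:
            chain = build_chain(subject, issued_by, trust_anchors)
        except ValueError:
            continue  # never validated, so nothing relied on it
        if compromised_ca in chain[1:]:
            affected.add(subject)
    return affected

if __name__ == "__main__":
    print(build_chain("www.example", DISTRIBUTED, ANCHORS))
    print(sorted(blast_radius("Intermediate A", DISTRIBUTED, ANCHORS)))
    print(sorted(blast_radius("Root CA", HIERARCHICAL, ANCHORS)))
```

Compromising one intermediate touches only the certificates beneath it, while the root remains a single point of failure in both layouts.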

Lastly, the bridge trust model is similar to distributed trust, but does not contain a single CA that signs the cert. In this model the main CA acts as a coordinator and connects hierarchical and distributed trust models.