What’s issue?(Theoretical issues)|
How does Relying-Party (RP) trust other CA?
Cross-Certification from Trust Anchor of RP.
Single trust point model
Trust the other CA directly.
Multi trust point model
What is PKI domain?
Which CA SHOULD be recognized as same PKI domain?
How should we trust other PKI domain?