Summary

This chapter has discussed the concept of multiple key pairs and multiple certificates per PKI entity. Separate user "roles," separate key usage, independently managed certificates, and support for non-repudiation all lend weight to the claim that multiple keys/certificates per entity will be a common occurrence in real PKI deployments. The relationship between key pairs and certificates was also explored; that discussion suggested that putting a single public key in several certificates may lead to security risks and unnecessary administrative complexity.

To gain a fuller understanding of this topic, it may be useful to consider two related areas:

  • Mechanisms for maintaining an identity across the multiple "roles" that an entity may play ...
