When an organization implements its own public key infrastructure (PKI), the certificates typically are trusted by that organization only. With technologies such as code signing and secure e-mail that are used between organizations, it is often necessary for certificates to be trusted by other organizations.

This chapter introduces several methods for deciding which certificates issued externally will be trusted by your organization. The chapter focuses on using cross certification, wherein an organization defines trust criteria so that only certificates that meet the criteria will be trusted by your organization.