What enables users to validate each other’s certificate when they are certified under different certification
hierarchies?
A.
Cross-certification
B.
Multiple certificates
C.
Redundant certification authorities
D.
Root certification authorities
Explanation:
Cross certification allows entities in one public key infrastructure (PKI) to trust entities in another PKI. This
mutual trust relationship is typically supported by a cross-certification agreement between the certification
authorities (CAs) in each PKI. This agreement determines the responsibilities and liability of each party. A
mutual trust relationship between two CAs requires that each CA issue a certificate to the other to establish the
relationship in both directions. The path of trust is not hierarchal even though the separate PKIs may be
certificate hierarchies.
Incorrect Answers:
B: Multiple certificates will not allow users to validate each other’s certificate when they are certified under
different certification hierarchies.
C: Redundant certification authorities will not allow users to validate each other’s certificate when they are
certified under different certification hierarchies.
D: A root certification authority is identified by a root certificate, which is an unsigned or a self-signed public key
certificate.https://msdn.microsoft.com/en-us/library/windows/desktop/bb540800(v=vs.85).aspx
https://en.wikipedia.org/wiki/Root_certificate