The ICE-TEL Public-Key Infrastructure and Trust Model


David W. Chadwick [1]
Affiliation: University of Salford
Abstract: ICE-TEL [2] is a two year project funded by the European Commission, to establish a public key certification infrastructure in Europe. The project is primarily driven by the needs of academic and research users, and several applications, including MIME, WWW and X.500, will use the infrastructure once it is established. Most EC countries are represented in the consortium, with the project partners being drawn >from universities and research organisations in 13 countries. The project started in December 1995, and to date (Aug 95) has produced documents that describe the ICE-TEL Trust Model [3], the ICE-TEL basic security policy [4], functional specifications for the use of X.509 V3 certificate and V2 CRL extensions, proposed some new certificate management protocols, and various other security related documents e.g. review of Internet Firewalls [5] and European National Security Policies. The work is aligned with that of the Internet PKIX group, with one of the consortium members (S Farrell) being an editor of one of the PKIX IDs.

This paper describes the ICE-TEL Trust Model, which is a merging of the PGP [6] web of trust and the X.509[7]/PEM [8] hierarchy of trust models. Each user has a Personal Security Environment (PSE) in which he stores the public keys that he trusts. This will always contain his own public key, and if he is part of a certification hierarchy, the public key of the CA at the top of his hierarchy and the public key of the CA that certified him (these two CAs may be the same or different CAs, depending upon the depth of the hierarchy). In addition, the user may add to his PSE the public keys of remote users and remote CAs that he trusts. It is a local issue how the PSE is protected, but self signed certificates are one way of securing the public keys and related information. It is a local issue how the public keys are obtained, but out of band means are recommended. All CAs and users within a given CA hierarchy are governed by the same security policy, and hence form a security domain. If the user operates to different levels of security i.e. is a member of different security domains, it is a local issue whether he has one PSE for each domain, or a combined PSE that stores the security domain/policy with each key (V3 certificates support the latter). Similarly, if a CA operates to different levels of security, it is a local issue whether the CA produces separate certificates in accordance with each policy, or one certificate validated to the highest security level, but also containing the policy OIDs of the lower security levels. (Issue for discussion at the workshop. Is this as secure or not? If not, or if it introduces other problems, then we can mandate that they are kept separate.)

The term "trusted point" is used to refer to the CA at the top of a CA hierarchy and also to an individual user that is not part of a certification domain. CAs may cross certify other trusted points, provided that the security policy of a remote domain fulfills its criteria for trust, as detailed in its cross certification policy. Cross certification may be one-way or mutual (cf. authentication).

Each trusted point must keep a local cache of (or pointer to) the list of cross certificates that it has issued. Each user must keep a local cache of (or pointer to) the certification path from its trusted point to its own public key certificate. (If a user is a member of multiple security domains then he will keep one path for each domain.) This aids the creation of complete certification paths from one user to another both within and between security domains.

[1] Details about the author can be found at
[2] Details about the ICE-TEL project can be found at
[3] The draft ICE-TEL trust model can be found at
[4] The ICE-TEL basic security policy can be found at
[5] The Internet Firewalls report can be found at
[6] Stallings, W. "Protect Your Privacy: the PGP User's
Guide". Englewood Cliffs, NJ: Prentice-Hall, 1995. ISBN 0-
[7] "Information Technology - Open Systems
Interconnection - The Directory - Authentication
Framework" ISO-IEC STANDARD 9594:1993-8 | ITU-T X.509,
[8] Kent, S. "Privacy Enhancement for Internet
Electronic Mail: Part II: Certificate Based Key
Management", RFC 1422, February 1993