| 摘要 |
<p>A method and a system are disclosed for validating a certificate chain of a hierarchical certificate authority structure (HCAS), the HCAS having a plurality of levels, the levels including a root level, at least one intermediate level, and a leaf level, the at least one intermediate level having an intermediate certificate authority (ICA), the leaf level having a member, the ICA receiving a first certificate, the ICA signing a second certificate for the member, the certificate chain including a plurality of certificates, the certificates including the first certificate and the second certificate, the system comprising, a certificate receiving module to receive the certificates of the certificate chain; and a certificate chain validation module to determine an effective policy of the certificate chain such that the effective policy only allows operations commonly permissible to each of the certificates in the certificate chain.</p> |
