A trust model is a system that establish the authenticity of the binding between a public key and its owner (ie process of verification and certificate signature).
A central problem with the use of public key cryptography is confidence/proof that a particular public key is authentic, in that it is correct and belongs to the person or entity claimed, and has not been tampered with or replaced by a malicious third party.
A public key infrastructure implements the trust model and validate the ownership of a public key (associate a public key with an identity).
There is two type of trust model (ie 2 Public key infrastructure):
| Model | Type | Public key infrastructure | Main Usage |
|---|---|---|---|
| Hierarchy of certificate authority | Centralized | X509 PKI | Issuance of Certificate for network communication with Ssl |
| Web of trust | Decentralized | OpenPgp | Data, Mail Encryption |