Trust Anchor Publication Advice
Columbia University
Internet Initiative Japan
Vigil Security
BBN Technologies
IECA, Inc.
Many Internet protocols and services rely on credentials which use asymmetric keys. Many of these are hierarchic structures having certification authorities (CAs) that act as trust anchors (TAs). There is little general guidance on procedures for how these trust anchors can be distributed or otherwise published with prudence. To quote a well known security expert, "It's a matter of oral tradition in security circles." This document attempts to capture some of that lore.