LOGBOOK

HELP

Quiz Entry - updated: 2026.05.31

Who signs certificates, and what does it mean that Alice and Bob need a common "trust anchor"?

A Certificate Authority (CA) issues and signs certificates; to verify each other's certs, both parties must already trust the same CA — that shared trusted root is the trust anchor.

A CA (Certificate Authority) issues certificates and signs them. But a signature only helps you if you already trust the signer. So:

  • Alice and Bob can only validate each other's certificates if they share a common trust anchor — a CA both of them trust.
  • Put plainly: they must trust the same CA(s) that issued the certificates.

This is why your browser/OS ships with a pre-installed list of trusted root CAs — they're your built-in trust anchors.

Tip: A signature you can't trace to a trusted root is worthless. "Trust anchor" = the root of trust you've decided to accept a priori.

From Quiz: ISF / Intercepting & Proxy Tools | Updated: May 31, 2026