This paper addresses the issue of determining the owner of a public key or, on the other hand, determining a user’s public key in order to encrypt data for secure transmission. In most real-life situations that involve different administrative domains, there is no single authority for providing this information. Many systems use paths (or chains) of authorities. If any authority incorrectly authenticates the next authority in the path, the user is in trouble.
There are several proposed metrics for measuring the assurance of a set of paths. The authors discuss the strengths and weaknesses of four: their own current one, Maurer, Zimmermann, and Beth-Borcherding-Klein. They then develop eight design principles upon which any assurance metric should be based. None of the four metrics conforms to all eight principles. Finally, they propose a new metric based on insurance (surety bonding), which conforms to all these principles. Each path has a value representing the amount of money the authority for that path is willing to pay the user if the name-to-key binding is incorrect.
This technical paper is highly readable and provides a starting point for designing new assurance metrics for multiple-path public key authentication.