Trust, in the electronic world, is based on binding real-world assurances and/or relations to their electronic representation. This is expensive, and so in order for the trust transfer mechanisms (such as electronic signatures) to give maximum value, one should perform such bindings infrequently (but well). This is true for establishing a root of trust (e.g. top-level Certification Authorities) and also for lower-level entities. For example [CM97], it is a bad idea to bind keys and access rights to principals like this:
key principal capability
as this involves two bindings between the real world and cyberspace. We should rather build systems like this:
principal key capability
Thus, when designing trust structures in general, we will try to have a small number of root keys or other authenticator values that can be made well known by out-of-band mechanisms, and derive the rest of the structure directly from these. The cleaner the structure, the better for a number of reasons, including both cost and robustness.
With trust based on hash trees, the root is quite simply the root of the tree; in the case of Wax, the hash of the current Wax catalogue. This can be assured by a variety of means (currently signature with the Wax-centre key and publication in the British Medical Journal). However, once we have gone to the trouble of certifying this root, we want all the pages in the publishing hierarchy to be checkable from it. We will now describe how this can be done using a simple extension that does not upset existing browsers, yet can be implemented either as a suitable applet or as part of a proxy service such as a hospital firewall. (The former is preferable as it is easier to implement 'untrusted' highlights, e.g. when a Wax chapter is retrieved as the result of a keyword search.)
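To make the idea of checking every page from one certified root concrete, the following sketch is an added illustration and not code from the original text. It assumes SHA-256 as the hash, a hypothetical JSON page layout, and invented page names; each page carries the hashes of the pages it links to, and only the catalogue hash is trusted in advance.

```python
import hashlib
import json

def digest(doc: bytes) -> str:
    # SHA-256 is an assumption; the text does not name a hash function.
    return hashlib.sha256(doc).hexdigest()

def make_page(body: str, children: dict) -> bytes:
    # A page carries its text plus the hash of every page it links to
    # (hypothetical JSON layout, chosen only for this illustration).
    links = {name: digest(child) for name, child in children.items()}
    return json.dumps({"body": body, "links": links}, sort_keys=True).encode()

# Constructed three-level hierarchy: catalogue -> chapter -> section.
SECTION = make_page("Dosage table", {})
CHAPTER = make_page("Chapter 3", {"dosage": SECTION})
CATALOGUE = make_page("Catalogue", {"ch3": CHAPTER})
STORE = {"catalogue": CATALOGUE, "ch3": CHAPTER, "dosage": SECTION}

# The only value that has to be certified out of band.
ROOT_HASH = digest(CATALOGUE)

def verify_path(root_hash: str, path: list, fetch) -> bytes:
    """Fetch each page on `path` (root first) and check it against the hash
    held by its already-verified parent. Returns the last page's bytes."""
    expected, doc = root_hash, None
    for name in path:
        if doc is not None:
            links = json.loads(doc)["links"]
            if name not in links:
                raise ValueError(f"{name!r} is not linked from its parent")
            expected = links[name]
        doc = fetch(name)  # untrusted until its hash matches
        if digest(doc) != expected:
            raise ValueError(f"{name!r} does not match its certified hash")
    return doc

if __name__ == "__main__":
    path = ["catalogue", "ch3", "dosage"]
    print(verify_path(ROOT_HASH, path, STORE.__getitem__).decode())
    # Swapping the section and rewriting the chapter to carry the new hash
    # still fails: the chapter no longer matches the certified catalogue.
    bad = make_page("Dosage table x10", {})
    forged = dict(STORE, dosage=bad, ch3=make_page("Chapter 3", {"dosage": bad}))
    try:
        verify_path(ROOT_HASH, path, forged.__getitem__)
    except ValueError as err:
        print("rejected:", err)
```

The `fetch` callable stands in for whatever retrieves a page, so the same check could sit in an applet or in a proxy.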