Chain of trust

In computer security, a chain of trust is established by validating each component of hardware and software from the end entity up to the root certificate.

A chain of trust is designed to allow multiple users to create and use the software on the system, which would be more difficult if all the keys were stored directly in hardware.

The previous software can be trusted, because it, in turn, would not have been loaded if its signature had been invalid.

In a chain, any given link can be replaced with a different version to provide different properties, without having to go all the way back to the trust anchor.

In computer security, digital certificates are verified using a chain of trust.

The roles of root certificate, intermediate certificate and end-entity certificate as in the chain of trust.