Combining PKIs for Uninterrupted User Collaboration

A.

When two organizations with separate PKIs (Public Key Infrastructures) need to work together on a joint project, they may encounter connection errors due to the mismatch between their certificates. To enable the users of the separate PKIs to work together without these errors, a trust model can be established.

A trust model is a set of rules that govern how two organizations establish and trust each other's digital certificates. This allows them to securely exchange data and communicate with each other, even though they have different PKIs.

The trust model defines a hierarchy of CAs (Certificate Authorities) that are trusted by both organizations. The CAs in the hierarchy issue digital certificates to users and devices, which are then used to authenticate them to other users and devices.

Stapling is a technique that can be used to improve the security and performance of SSL/TLS connections. It involves the server sending a stapled certificate to the client during the SSL/TLS handshake, which eliminates the need for the client to fetch the certificate from the CA separately. However, stapling does not address the problem of separate PKIs working together.

An intermediate CA is a subordinate CA that is authorized by a root CA to issue digital certificates on its behalf. Intermediate CAs can be used to bridge the gap between two separate PKIs by creating a chain of trust between the two organizations. However, this requires both organizations to trust the same root CA.

Key escrow is the process of storing a copy of a user's private key in a secure location, which can be accessed by authorized parties in case the key is lost or compromised. However, key escrow is not relevant to the problem of separate PKIs working together.

In conclusion, the correct answer to the question is A. Trust model, which establishes a hierarchy of CAs that are trusted by both organizations and enables them to work together securely.