List of Trust Lists

In the PKI world, “trust lists” used by applications are the cornerstone of a working PKI infrastructure. Trust lists embedded in applications tell all members of a PKI community whether or not they can trust a certificate and its issue.

They have many names, such as ‘trusted root list’, ‘trusted root store’, ‘trust store’, ‘approved trust list’, etc. The PKI Consortium is curating a global List of Trust Lists (a list of root, intermediate or issuing CA certificates accepted by a public, private, industry, or solution-specific PKI), one that is not limited to a specific purpose, region or size, and is open to anyone to contribute.

Each list will be documented as a YAML file and hosted on GitHub, this makes it easier to read for humans while retaining version control and allowing systems to process and analyze the data.

Some lists will share a common purpose or audit regime, might be extensively documented, list policies, discussion groups, etc. Others focus on a specific purpose, region or use-case and might only have some basic information.

There are many trust lists and often there is little overlap or interoperability. With this project the PKI consortium is not only building a comprehensive list of trust lists but also a place where the industry can find each other, engage, share knowledge, policies and best practices to improve security, interoperability and mutual trust.

The PKI Consortium welcomes contributions and would like to engage in related activities from other organizations or stakeholders.

Participate in our community discussions and/or join the consortium