What Does Trust Anchor Mean?
A trust anchor is a public key and its associated accompanying information. Public keys act as an authority to verify a digital signature’s authenticity. The data associated with a public key delineates what types of information the trust anchor can rule over or what actions it can allow or disallow.
Techopedia Explains Trust Anchor
The trust anchor indicates the stored keys that have trusted certificates. Another action of trust anchors is to validate certification paths. There can be some confusion regarding what a trust anchor really does because there is no standard format for the information related to trust anchors.
The trusted certificates in the keystores are also the certificates that validate X.509 certificates. These can be found in the Simple Object Access Protocol (SOAP) message. The keystores in a trust anchor are used by certain messages for validation of the X.509 certificate to make sure it is used for digital signatures or XML encryption. The keystores are imperative in the information assurance realm of integrity for the validation of the digital signature. If there were ever any alterations of the keystores, verification of the digital signature may be compromised.
Trust anchors also have a private key. If it gets into the wrong hands, it could allow an unauthorized person to act as a trust anchor and cause harm. Therefore, keeping trust anchors secure is essential.