The Electrosoft Trust Rules Applicator (ETRAP) is a tool/application that facilitates the association of metadata with trust anchors in an attempt to constrain the purpose and scope of each
trust anchor while validating a certificate as part of a PKI-based transaction.
Usage
An example of applying such metadata in the context of secure email would be to configure trust anchors such that all email from a particular domain (e.g., af.mil) is trusted
only if it chains up to the DoD Root CA. Similarly, all email from a user's bank should be trusted only if it chains up to the bank signing certificate that has been established as the trust
anchor, etc.
The ETRAP concept is also particularly useful in the PIV environment, where Agencies can decide to trust only a subset of the PIV Issuers within the federal government for specific users or
applications.
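The domain-to-anchor rule described above can be sketched as follows. This is an added example, not ETRAP's code or rule format: the rule table, the function names, the `bank.example` domain and the byte strings standing in for anchor certificates are all assumptions, and the chain is assumed to have passed ordinary path validation already.

```python
import hashlib
from email.utils import parseaddr

def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint used to identify a trust anchor certificate."""
    return hashlib.sha256(der).hexdigest()

# Constructed stand-ins for DER-encoded trust anchor certificates.
DOD_ROOT = b"constructed: DoD Root CA"
BANK_SIGNER = b"constructed: bank signing certificate"
OTHER_ROOT = b"constructed: unrelated commercial root"
TRUST_STORE = {fingerprint(c) for c in (DOD_ROOT, BANK_SIGNER, OTHER_ROOT)}

# Hypothetical rule metadata: sender domain -> anchors it may chain up to.
RULES = {
    "af.mil": {fingerprint(DOD_ROOT)},
    "bank.example": {fingerprint(BANK_SIGNER)},
}

def sender_domain(from_header: str) -> str:
    """Return the lower-cased domain of the From address, or '' if absent."""
    _, addr = parseaddr(from_header)
    local, at, domain = addr.rpartition("@")
    return domain.lower().rstrip(".") if at and local else ""

def matching_rule(domain: str):
    """Most specific rule on a label boundary: base.af.mil matches, notaf.mil does not."""
    labels = domain.split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in RULES:
            return RULES[candidate]
    return None

def anchor_permitted(from_header: str, anchor_der: bytes) -> bool:
    """anchor_der is the anchor at which the validated chain terminates."""
    # Assumption: the From address was already matched to the signer certificate.
    fp = fingerprint(anchor_der)
    if fp not in TRUST_STORE:
        return False
    domain = sender_domain(from_header)
    if not domain:
        return False  # fail closed when no sender domain can be determined
    allowed = matching_rule(domain)
    return True if allowed is None else fp in allowed
```

Domains without a rule fall back to the whole trust store here; a stricter deployment could deny them instead.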
Implementation
At present, ETRAP has been implemented as an MS Outlook (2003 and 2007) Plug-in.