PKI and Revocation Survey
نویسندگان
چکیده
This survey covers basic information about public key infrastructures and summarizes the predominant technology and standards. Special attention is given to mechanisms for certificate revocation. Methods for CRL distribution and validity checking are compared. Supported by KDD R&D Laboratories, Inc.
منابع مشابه
Certificate Revocation Lists or Online Mechanisms1
With more and more acceptance of Digital Certificates and Public Key Infrastructures (PKI), the mechanisms to revoke a certificate in a PKI have recently received increasing attention. The revocation mechanisms are commonly classified into Certificate Revocation Lists (CRLs), trusted dictionaries and online mechanisms. The designer of a PKI should select an appropriate revocation method suiting...
متن کاملAutonomous Certification with List-Based Revocation for Secure V2V Communication
Privacy and authenticity are two essential security attributes of secure Vehicle-to-Vehicle communications. Pseudonymous Public Key Infrastructure (PPKI), an extension of standard PKI, has been proposed to achieve these security attributes. In Pseudonymous PKI, a user needs certificates or pseudonyms periodically from the Certificate Authority (CA) to authenticate messages anonymously. But the ...
متن کاملReducing Certificate Revocating Cost using NPKI
Problems with certificate revocation status control limit the deployment of Public Key Infrastructure (PKI). Classical certificate paths require revocation control of all certificates on the path. In this paper, we show how the recently proposed NPKI (Nested certificate based PKI) system reduces the number of revocation status controls to at most two. Our analysis also shows that NPKI is not as...
متن کاملA Response to ''Can We Eliminate Certificate Revocation Lists?''
The use of certi cate revocation lists (CRLs) to convey revocation state in public key infrastructures has long been the subject of debate. Centrally, opponents of the technology attribute a range of semantic and technical limitations to CRLs. In this paper, we consider arguments advising against the use of CRLs made principally by Rivest in his paper \Can we eliminate certi cate revocation lis...
متن کاملInstant Revocation
PKI has a history of very poor support for revocation. It is both too expensive and too coarse grained, so that private keys which are compromised or otherwise become invalid remain in use long after they should have been revoked. This paper considers Instant Revocation, or revocations which take place within a second or two. A new revocation scheme, Certificate Push Revocation (CPR) is describ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2000