A Model to Evaluate Certificate Revocation

نویسندگان

  • J. Forné
  • J. C. Castro
چکیده

This paper presents a model to evaluate certificate revocation using certificate revocation lists (CRL's) of the X.509 standard. The model shows the relationship between the number of users managed by a Certificate Authorities (CA) and the size of the revocation lists, the computation power of the CA and the necessary bandwidth to access the revoked certificates.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Cluster Based Certificate Revocation Scheme in Mobile Ad Hoc Networks

Mobile ad hoc networks (MANETs) have attracted more attention due to their mobility and simplicity of arrangement. However, the wireless and dynamic nature renders them more suspicious to various types of security attacks than the wired networks. To meet these challenges, certificate revocation is an important component for secure network communications. Certificate revocation is used to segreg...

متن کامل

Using CRL Push Delivery for Efficient Certificate Revocation Information Distribution in Grids

Checking revocation information is necessary to prevent from using digital certificates whose contents become invalid. In current system either periodical retrieval of Certificate Revocation Lists (CRLs) or the Online Certificate Status Protocol (OCSP) are the most common mechanisms to access revocation information issued by the certification authorities. As both these approaches pose problems ...

متن کامل

A Model of Certificate Revocation

This paper presents a model for the distribution of revocation information using certificate revocation lists (CRLs). This model is used to highlight inefficiencies in the “traditional” method of distributing certificate status information using CRLs. Two alternative CRL-based revocation distribution mechanisms, over-issued CRLs and segmented CRLs, are then presented. The original model is then...

متن کامل

Simple and Flexible Privacy-Preserving Revocation Checking

Digital certificates signed by trusted certification authorities (CAs) are used for multiple purposes, most commonly for secure binding of public keys to names and other attributes of their owners. Although a certificate usually includes an expiration time, it is not uncommon that a certificate needs to be revoked prematurely. For this reason, whenever a client (user or program) needs to assert...

متن کامل

Simple and Flexible Revocation Checking with Privacy

Digital certificates signed by trusted certification authorities (CAs) are used for multiple purposes, most commonly for secure binding of public keys to names and other attributes of their owners. Although a certificate usually includes an expiration time, it is not uncommon that a certificate needs to be revoked prematurely. For this reason, whenever a client (user or program) needs to assert...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2000