On the complexity of public-key certificate validation

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 2200, Issue , 2001, Pages 183-203

  Berbecaru, Diana ^a   Lioy, Antonio ^a   Marian, Marius ^a  

^a POLITECNICO DI TORINO   (Italy)

Author keywords

Certificate revocation; Certificate validation; CRL; DPD; DPV; OCSP; PKI

Indexed keywords

PUBLIC KEY CRYPTOGRAPHY; SECURITY OF DATA;

CERTIFICATE MANAGEMENT; CERTIFICATE REVOCATION; CERTIFICATE VALIDATIONS; GENERAL ARCHITECTURES; NETWORK CONNECTIVITY; OCSP; PUBLIC KEY CERTIFICATES; PUBLIC KEY INFRASTRUCTURE;

NETWORK ARCHITECTURE;

EID: 84947232334     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/3-540-45439-x_13     Document Type: Conference Paper

References (24)

1. M. K. Reiter, S. G. Stubblebine, Towards Acceptable Metrics of Authentication, Proceedings of IEEE Symposium on Security and Privacy, Oakland, CA, May 1997, pp. 10-20.
2. R. Housley, W. Ford, W. Polk, D. Solo, Internet X.509 Public Key Infrastructure Certificate and CRL Profile, RFC 2459, IETF, 1999
3. Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazard, Microsoft Security Bulletin MS01-017, available at http://www.microsoft.com/TechNet/security/bulletin/MS01-017.asp
4. T. Bray, J. Paoli, C.M. Sperberg-McQueen, Extensible Markup Language (XML) 1.0, W3C Recommendation, 10-February-1998, available at http://www.w3.org/TR/1998/REC-xml-19980210
5. http://www.modssl.org
6. B. Ramsdell, S/MIME Version 3 Message Specification, RFC 2633, IETF, 1999
7. T. Dierks, C. Allen, The TLS Protocol Version 1.0, RFC 2246, IETF, 1999
8. T. Beth, M. Borcherding, B. Klein, Valuation of trust in open networks, European Symposium on Research in Computer Security, ESORICS 1994, vol. 875 of Lecture Notes in Computer Science, Springer-Verlag, 1994, pp. 3-18
9. U. Maurer, Modelling a public-key infrastructure, European Symposium on Research in Computer Security, ESORICS 1996, vol. 1146 of Lecture Notes in Computer Science, Springer-Verlag, 1996, pp. 325-350
10. M. K. Reiter, S. G. Stubblebine, Path independence for authentication in largescale systems, Proceedings of ACM Conference on Computer and Communications Security, Zurich, Switzerland, April, 1997, pp. 57-66
11. W. Ford, M. S. Baum, Secure Electronic Commerce, Prentice Hall, 1997
12. P. McDaniel, S. Jamin, Windowed Key Revocation in Public Key Infrastructures, Tech. Rep. CSE-TR-376-98, EECS(Univ. of Michigan), 1998
13. ITU-T Recommendation X.509-ISO/IEC 9594-8, 1995
14. M. Myers, R. Ankney, A. Malpani, S. Galperin, C. Adams, X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP, RFC 2560, IETF, 1999
15. M. Naor, K. Nissim, Certificate Revocation and Certificate Update, IEEE Journal on selected areas in communications, Vol. 18, No. 4, 2000, pp. 561-570
16. H. Kikuchi, K. Abe, S. Nakanishi, Performance evaluation of public-key certificate revocation system with balanced hash tree, Proceedings of InternationalWorkshops on Parallel Processing, Wakamatsu, Japan, 1999, pp. 204 -209
17. M. Myers, S. Farrell, C. Adams, Delegated Path Discovery with OCSP, draft-ietfpkix- ocsp-path-00.txt, IETF Internet Draft, September 2000
18. M. Myers, C. Adams, S. Farrell, Delegated Path Validation, draft-ietf-pkix-ocspvalid- 00.txt, IETF Internet Draft, August 2000
19. M. Myers, R. Ankney, C. Adams, S. Farrell, C. Covey, Online Certificate Status Protocol, version 2, draft-ietf-pkix-ocspv2-02.txt, IETF Internet Draft, March 2001
20. A. Malpani, P. Hoffman, R. Housley, Simple Certificate Validation Protocol (SCVP), draft-ietf-pkix-scvp-05.txt, IETF Internet Draft, June 2001
21. D. Pinkas, Delegated Path Validation and Delegated Path Discovery Protocols, draft-ietf-pkix-dpv-dpd-00.txt, IETF Internet Draft, July 2001
22. http://www.mozilla.org/projects/security/pki/nss/intro.html
23. http://www.mozilla.org/
24. http://www.VeriSign.com/onsite/datasheets/validation/validation.html