Add to ORKGCurrent X.509-based PKIs are typically complex. One of the most critical parts is revocation checking. Providing revocation information is a big effort for CAs, and for clients it is even more costly to get all re-quired revocation data. This work provides a performance calculation of two CA setups with CRLs, delta CRLs and OCSP as revo-cation checking mechanism. The enhance-ment of this work is the proposal to avoid revocation checking by issuing certificates on-line and only retroactively. An analysis shows that this approach performs at least as good as OCSP and much better than CRLs. In addition, this solution reduces the complexity of PKI significantly
Public Key Infrastructure (PKI) is based on public key certificates and is the most widely used mech...
Public key infrastructure has been proposed as a promising foundation for verifying the authenticity...
Public key certificates (PKCs) are used nowadays in several security protocols and applications, so ...
A fundamental problem inhibiting the wide acceptance of a Public Key Infrastructure (PKI) in the Int...
Certificate Revocation Lists (CRLs) are the most popular means of revocation checking. A CRL is esse...
Critical to the security of any public key infrastructure (PKI) is the ability to revoke previously ...
A new certificate revocation system is presented. The basic idea is to divide the certificate space ...
A PKI (public key infrastructure) provides for a digital certificate that can identify an individual...
Public key infrastructure provides a promising foundation for verifying the authenticity of communic...
Correct certificate revocation practices are essential to each public-key infrastructure. While ther...
Public-key infrastructure (PKI) is based on public-key certificates and is the most widely used mech...
In this paper we present a new approach for the conventional X.509 Public Key Infrastructures (PKI)....
Public key infrastructure has been proposed as a promising foundation for verifying the authenticity...
Verification of the certificate revocation status is a crucial process for Public Key Infrastructure...
Digital certificates signed by trusted certification authorities (CAs) are used for multiple purpos...
Public Key Infrastructure (PKI) is based on public key certificates and is the most widely used mech...
Public key infrastructure has been proposed as a promising foundation for verifying the authenticity...
Public key certificates (PKCs) are used nowadays in several security protocols and applications, so ...
A fundamental problem inhibiting the wide acceptance of a Public Key Infrastructure (PKI) in the Int...
Certificate Revocation Lists (CRLs) are the most popular means of revocation checking. A CRL is esse...
Critical to the security of any public key infrastructure (PKI) is the ability to revoke previously ...
A new certificate revocation system is presented. The basic idea is to divide the certificate space ...
A PKI (public key infrastructure) provides for a digital certificate that can identify an individual...
Public key infrastructure provides a promising foundation for verifying the authenticity of communic...
Correct certificate revocation practices are essential to each public-key infrastructure. While ther...
Public-key infrastructure (PKI) is based on public-key certificates and is the most widely used mech...
In this paper we present a new approach for the conventional X.509 Public Key Infrastructures (PKI)....
Public key infrastructure has been proposed as a promising foundation for verifying the authenticity...
Verification of the certificate revocation status is a crucial process for Public Key Infrastructure...
Digital certificates signed by trusted certification authorities (CAs) are used for multiple purpos...
Public Key Infrastructure (PKI) is based on public key certificates and is the most widely used mech...
Public key infrastructure has been proposed as a promising foundation for verifying the authenticity...
Public key certificates (PKCs) are used nowadays in several security protocols and applications, so ...