Sciweavers

CMS
2001

Asynchronous Large-Scale Certification Based on Certificate Verification Trees

14 years 1 months ago
Asynchronous Large-Scale Certification Based on Certificate Verification Trees
Good public-key infrastructures (PKIs) are essential to make electronic commerce secure. Quite recently, certificate verification trees (CVTs) have been introduced as a tool for implementation of large-scale certification authorities (CAs). In most aspects, the CVT approach outperforms previous approaches like X.509 and certificate revocation lists, SDSI/SPKI, certificate revocation trees, etc. However, there is a tradeoff between manageability for the CA and response time for the user: CVT-based certification as initially proposed is synchronous, i.e. certificates are only issued and revoked at the end of a CVT update period (typically once a day). Assuming that the user is represented by a smart card, we present here solutions that preserve all advantages of CVTs while relaxing the aforementioned synchronization requirement. If short-validity certificates are used, implicit revocation provided by the proposed solutions completely eliminates the need for the signature verifier to chec...
M. Mar Albà, Josep Domingo-Ferrer, Francesc
Added 31 Oct 2010
Updated 31 Oct 2010
Type Conference
Year 2001
Where CMS
Authors M. Mar Albà, Josep Domingo-Ferrer, Francesc Sebé
Comments (0)