Sciweavers

DBSEC
2003

ECPV: Efficient Certificate Path Validation in Public-key Infrastructure

14 years 1 months ago
ECPV: Efficient Certificate Path Validation in Public-key Infrastructure
In the current public-key infrastructure (PKI) schemes based on X.509, a relying party must validate a user’s certificate as well as the existence of a path from its trust points to the CA of the certificate. The latter part is referred to as certificate path validation. In this paper, we suggest an efficient certificate path validation scheme (ECPV) that employs delegation with efficient computing at relying parties. In particular, in our scheme, a relying party is provided with certificate path validation trees (CPVTs) depending on its trust points and applicable trust policies. This information should enable a relying party to perform certificate path validation locally. The CPVAs can be deployed either as autonomous entities or in a federated mode. We discuss the two major components of ECPV: the data harvester and the data analyzer. Some of the concerns of security, trust, and performance are also discussed.
Mahantesh Halappanavar, Ravi Mukkamala
Added 31 Oct 2010
Updated 31 Oct 2010
Type Conference
Year 2003
Where DBSEC
Authors Mahantesh Halappanavar, Ravi Mukkamala
Comments (0)