Sciweavers

JCS
2010

Finding the PKI needles in the Internet haystack

13 years 11 months ago
Finding the PKI needles in the Internet haystack
Public-key cryptography can uniquely enable trust within distributed settings. Employing it usually requires deploying a set of tools and services collectively known as a public key infrastructure (PKI). PKIs have become a central asset for many organizations, due to distributed IT and users. Even though the usage of PKIs in closed and controlled environments is quite common, interoperability and usability problems arise when shifting to a broader, open environment. To make an effective trust judgment about a public key certificate, a PKI user needs more than just knowledge of that certificate: she also needs to be able to locate critical parameters such as the certificate repositories and certificate validation servers relevant to that certificate—and all the others the trust path she builds for it. Surprisingly, locating these resources and services remains a largely unsolved problem in real-world X.509 PKI deployment. This issue impacts especially on the usability of this t...
Massimiliano Pala, Sean W. Smith
Added 28 Jan 2011
Updated 28 Jan 2011
Type Journal
Year 2010
Where JCS
Authors Massimiliano Pala, Sean W. Smith
Comments (0)