Design of Enclosing Signing Keys by All Issuers in Distributed Public Key Certificate-Issuing Infrastructure
نویسندگان
چکیده
This paper first takes IoT as an example to provide the motivation for eliminating single point of trust (SPOT) in a CA-based private PKI. It then describes distributed public key certificate-issuing infrastructure that eliminates SPOT and its limitation derived from generating signing keys. Finally, it proposes method address by all certificate issuers.
منابع مشابه
ECPV: Efficient Certificate Path Validation in Public-key Infrastructure
In the current public-key infrastructure (PKI) schemes based on X.509, a relying party must validate a user’s certificate as well as the existence of a path from its trust points to the CA of the certificate. The latter part is referred to as certificate path validation. In this paper, we suggest an efficient certificate path validation scheme (ECPV) that employs delegation with efficient compu...
متن کاملInternet X.509 Public Key Infrastructure Certificate and CRL Profile
Status of this Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Abstract This memo profiles the X.509 v3 ...
متن کاملInternet X.509 Public Key Infrastructure Certificate Management Protocol (CMP)
Status of This Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Abstract This document describes the Inte...
متن کاملInternet X.509 Public Key Infrastructure Certificate Management Protocols
Status of this Memo: This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the " Internet Official Protocol Standards " (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Abstract: This document describes the ...
متن کاملAlternative Certificate Formats for the Public-Key Infrastructure Using X.509 (PKIX) Certificate Management Protocols
This document is not a candidate for any level of Internet Standard. The IETF disclaims any knowledge of the fitness of this document for any purpose, and in particular notes that it has not had IETF review for such things as security, congestion control, or inappropriate interaction with deployed protocols. The RFC Editor has chosen to publish this document at its discretion. Readers of this d...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: IEICE Transactions on Information and Systems
سال: 2023
ISSN: ['0916-8532', '1745-1361']
DOI: https://doi.org/10.1587/transinf.2022ofl0001