Planning for Directory Services in Public Key Infrastructures
نویسندگان
چکیده
In this paper we provide a guide for public key infrastructure designers and administrators when planning for directory services. We concentrate on the LDAP directories and how they can be used to successfully publish PKI information. We analyse their available mechanisms and propose a best practice guide for use in PKI. We then take a look into the German Signature Act and Ordinance and discuss their part as far as directories concerning. Finally, we translate those to the LDAP directories practices.
منابع مشابه
Trusted Directory Services for Secure Internet Connectivity: Transport Layer Security using DNSSEC
The Internet today is a highly dynamic environment which frequently requires secure communication between peers that do not have a direct trust relationship. Current solutions for establishing trust often require static and application-specific Public Key Infrastructures (PKIs). This paper presents trusted directory services as a key infrastructural technology for setting up secure Internet con...
متن کاملUsing LDAP Directories for Management of PKI Processes
We present a framework for extending the functionality of LDAP servers from their typical use as a public directory in public key infrastructures. In this framework the LDAP servers are used for administrating infrastructure processes. One application of this framework is a method for providing proof-of-possession, especially in the case of encryption keys. Another one is the secure delivery of...
متن کاملModifying LDAP to Support X.509-basedPKIs
One of the impediments to a successful roll out of X.509-based public key infrastructures (PKIs), is that LDAP directories do not fully support PKIs. In particular, it is not possible to search for X.509 attributes (certificates or CRLs) that match user defined criteria. This paper describes the various approaches that have been suggested for enabling users to search for X.509 attributes, namel...
متن کاملA Better Use of Smart Cards in PKIs
Public-key cryptography faces the problem of the authentication of the public keys: How do we can be sure that a pair of public key/user’s identity are matching? A related problem is how to distribute public keys trustfully. These issues are proved to be the bottleneck of a wide deployment of public-key systems, such as the RSA cryptosystem. It is here the Public Key Infrastructures (PKIs) come...
متن کاملE-vote and Pki's: a Need, a Bliss or a Curse?
With the increasing popularity public key infrastructures have been acquiring in recent years and the legislative support for digital signatures, electronic voting protocols are moving from a strictly research area to the commercial arena. In this paper we examine the role public key infrastructures play in electronic voting in various protocols proposed in the literature, some of which are the...
متن کامل