Nonmonotonicity, User Interfaces, and Risk Assessment in Certificate Revocation
نویسندگان
چکیده
We consider certificate revocation from three high-level perspectives: temporal nonmonotonicity, user interfaces, and risk management. We argue that flawed understanding of these three aspects of revocation schemes has caused these schemes to be unnecessarily costly, complex, and confusing. We also comment briefly on some previous works, including those of Rivest [16], Fox and LaMacchia [5], and McDaniel and
منابع مشابه
Nonmonotonicity, User Interfaces, and Risk Assessment in Certificate Revocation (Position Paper)
We consider certificate revocation from three high-level perspectives: temporal nonmonotonicity, user interfaces, and risk management. We argue that flawed understanding of these three aspects of revocation schemes has caused these schemes to be unnecessarily costly, complex, and confusing. We also comment briefly on some previous works, including those of Rivest [16], Fox and LaMacchia [5], an...
متن کاملCertificate Revocation : A Survey
With the increasing acceptance of digital certificates, there has been a gaining impetus for methods to nullify the compromised digital certificates and enable the end user to receive this information before he trusts a revoked certificate. The problem of certificate revocation is getting more and more crucial with the development of wide spread PKIs. We discuss the need and importance of revoc...
متن کاملSimple and Flexible Privacy-Preserving Revocation Checking
Digital certificates signed by trusted certification authorities (CAs) are used for multiple purposes, most commonly for secure binding of public keys to names and other attributes of their owners. Although a certificate usually includes an expiration time, it is not uncommon that a certificate needs to be revoked prematurely. For this reason, whenever a client (user or program) needs to assert...
متن کاملSimple and Flexible Revocation Checking with Privacy
Digital certificates signed by trusted certification authorities (CAs) are used for multiple purposes, most commonly for secure binding of public keys to names and other attributes of their owners. Although a certificate usually includes an expiration time, it is not uncommon that a certificate needs to be revoked prematurely. For this reason, whenever a client (user or program) needs to assert...
متن کاملSimple and Flexible Private Revocation Checking
Digital certificates signed by trusted certification authorities (CAs) are used for multiple purposes, most commonly for secure binding of public keys to names and other attributes of their owners. Although a certificate usually includes an expiration time, it is not uncommon that a certificate needs to be revoked prematurely. For this reason, whenever a client (user or program) needs to assert...
متن کامل