Classifying Public Key Certificates
نویسندگان
چکیده
In spite of the fact that there are several companies that (try to) sell public key certificates, there is still no unified or standardized classification scheme that can be used to compare and put into perspective the various offerings. In this paper, we try to start filling this gap and propose a four-dimensional scheme that can be used to uniformly describe and classify public key certificates. The scheme distinguishes between (i) who owns a certificate, (ii) how the certificate owner is registered, (iii) on what medium the certificate (or the private key, respectively) is stored, and (iv) what type of functionality the certificate is intended to be used for. We think that using these or similar criteria to define and come up with unified or even standardized classes of public key certificate is useful and urgently needed in practice.
منابع مشابه
Chains of Distrust: Towards Understanding Certificates Used for Signing Malicious Applications
Digital certificates are key component of trust used by many operating systems. Modern operating systems implement a form of digital signature verification for various applications, including kernel driver installation, software execution, etc. Digital signatures rely on digital certificates that authenticate the signature, which then verify the validity of a given signature for a signed binary...
متن کاملTESLA Certificates: An Authentication Tool for Networks of Compute-Constrained Devices
In the near future wireless networks will consist of lowpowered, compute-constrained devices. These devices will have limited ability to perform the expensive computational operations associated with public key cryptography. This will limit the usefulness of conventional authentication mechanisms based on public key certificates in these domains. In this paper we introduce an alternative to con...
متن کاملRfc 6253 Hip Cert
The Certificate (CERT) parameter is a container for digital certificates. It is used for carrying these certificates in Host Identity Protocol (HIP) control packets. This document specifies the CERT parameter and the error signaling in case of a failed verification. Additionally, this document specifies the representations of Host Identity Tags in X.509 version 3 (v3) and Simple Public Key Infr...
متن کاملDistributed Storage and Revocation in Digital Certificate Databases
Public-key cryptography is fast becoming the foundation for those applications that require security and authentication in open networks. But the widespread use of a global public-key cryptosystem requires that public-key certificates are always available and up-to-date. Problems associated to digital certificates management, like storage, retrieval, maintenance, and, specially, revocation, req...
متن کاملAnalytical Performance Evaluation of Nested Certificates
The classical certificate systems are computationally inefficient, since they use signature operations based on public key cryptosystems. The nested certificates (A. Levi, Design and performance evaluation of the nested certification scheme and its applications in public key infrastructures, Ph.D. Thesis, Department of Computer Engineering, Boğaziçi University, Istanbul, Turkey) are proposed to...
متن کامل