Instant certificate revocation and publication using WebDAV
نویسندگان
چکیده
There are several problems associated with the current ways that certificates are published and revoked. This paper discusses these problems, and then proposes a solution based on the use of WebDAV, an enhancement to the HTTP protocol. The proposed solution provides instant certificate revocation, minimizes the processing costs of the certificate issuer and relying party, and eases the administrative burden of publishing certificates and certificate revocation lists (CRLs). We describe how WebDAV can be used for X.509 certificate revocation, and describe how we have implemented it in the PERMIS authorization infrastructure.
منابع مشابه
Using WebDAV for Improved Certificate Revocation and Publication
There are several problems associated with the current ways that certificates are published and revoked. This paper discusses these problems, and then proposes a solution based on the use of WebDAV, an enhancement to the HTTP protocol. The proposed solution provides instant certificate revocation, minimizes the processing costs of the certificate issuer and relying party, and eases the administ...
متن کاملInstant Revocation
PKI has a history of very poor support for revocation. It is both too expensive and too coarse grained, so that private keys which are compromised or otherwise become invalid remain in use long after they should have been revoked. This paper considers Instant Revocation, or revocations which take place within a second or two. A new revocation scheme, Certificate Push Revocation (CPR) is describ...
متن کاملA Model to Evaluate Certificate Revocation
This paper presents a model to evaluate certificate revocation using certificate revocation lists (CRL's) of the X.509 standard. The model shows the relationship between the number of users managed by a Certificate Authorities (CA) and the size of the revocation lists, the computation power of the CA and the necessary bandwidth to access the revoked certificates.
متن کاملUsing CRL Push Delivery for Efficient Certificate Revocation Information Distribution in Grids
Checking revocation information is necessary to prevent from using digital certificates whose contents become invalid. In current system either periodical retrieval of Certificate Revocation Lists (CRLs) or the Online Certificate Status Protocol (OCSP) are the most common mechanisms to access revocation information issued by the certification authorities. As both these approaches pose problems ...
متن کاملA Novel Approach Certificate Revocation in MANET Using Fuzzy logic
Received Nov 6, 2017 Revised Jan 25, 2018 Accepted Feb 19, 2018 Due to the advent developments in the Information and Communication Technology (ICT) based environment, Mobile ad hoc networks (MANETs) have fascinated much concentration because of their mobility and easy deployment. At the same time, their wireless and vibrant features make them susceptible to wide range of types of security atta...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Journal of Computer Security
دوره 18 شماره
صفحات -
تاریخ انتشار 2010