Classifying Public Key Certificates
In spite of the fact that there are several companies that (try to) sell public key certificates, there is still no unified or standardized classification scheme that can be used to compare and put into perspective the various offerings. In this paper, we try to start filling this gap and propose a four-dimensional scheme that can be used to uniformly describe and classify public key certificates. The scheme distinguishes between (i) who owns a certificate, (ii) how the certificate owner is registered, (iii) on what medium the certificate (or the private key, respectively) is stored, and (iv) what type of functionality the certificate is intended to be used for. We think that using these or similar criteria to define and come up with unified or even standardized classes of public key certificate is useful and urgently needed in practice.
KeywordsNatural Person Legal Entity Hardware Device Transport Layer Security Software Publisher
Unable to display preview. Download preview PDF.
- 1.Anderson, R., Kuhn, M.: Tamper Resistance — A Cautionary Note. In: Proceedings of the 2nd USENIX Workshop on Electronic Commerce, pp. 1–11 (November 1996)Google Scholar
- 5.Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997)Google Scholar
- 6.Chokhani, S., et al.: Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework, RFC 3647 (November 2003)Google Scholar
- 7.Diffie, W., Hellman, M.E.: New Directions in Cryptography. IEEE Transactions on Information Theory IT-22(6), 644–654 (1976)Google Scholar
- 9.ISO/IEC 7498-2, Information Processing Systems—Open Systems Interconnection Reference Model—Part 2: Security Architecture (1989)Google Scholar
- 10.Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)Google Scholar
- 11.Kocher, P.: Timing attacks on implementations of diffie-hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)Google Scholar
- 12.Lopez, J., Oppliger, R., Pernul, G.: Why have public key infrastructures failed so far? work in progressGoogle Scholar
- 13.Oppliger, R.: Security Technologies for the World Wide Web, 2nd edn. Artech House Publishers, Norwood (2003)Google Scholar
- 15.Oppliger, R.: Server-based Signatures: A Different Approach. work in progressGoogle Scholar