Advertisement

Advanced Certificate Status Protocol

  • Dae Hyun Yum
  • Jae Eun Kang
  • Pil Joong Lee
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2776)

Abstract

This paper proposes ACSP (Advanced Certificate Status Protocol), a new online certificate status checking protocol. ACSP is a flexible revocation status checking system, for ACSP allows users to set their own recency requirements. In addition, ACSP is very efficient because ACSP requires small computational and communicational costs compared with OCSP in most environments. Actually, OCSP can be considered as a special case of ACSP. We also propose ACSP+ that is a variant of ACSP with a proxy responder.

Keywords

PKI certificate revocation CRL OCSP ACSP 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Fox, B., LaMacchia, B.: Certificate Revocation: Mechanics and Meaning. In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  2. 2.
    Fox, B., LaMacchia, B.: Online Certificate Status Checking in Financial Transactions: The Case for Re-issuance. In: Franklin, M.K. (ed.) FC 1999. LNCS, vol. 1648, pp. 104–117. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  3. 3.
    Housley, R., Polk, W., Ford, W., Solo, D.: Internet X. 509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. In: RFC 3280, IETF (2002)Google Scholar
  4. 4.
    Jain, G.: Certificate Revocation - A Survey. Project paper, http://www.cis.upenn.edu/~jaing/papers/
  5. 5.
    Kocher, P.C.: On Certificate Revocation and Validation. In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465, pp. 172–177. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  6. 6.
    McDaniel, P., Jamin, S.: Windowed Certificate Revocation. IEEE INFOCOM (2000)Google Scholar
  7. 7.
    McDaniel, P., Rubin, A.: A Response to Can We Eliminate Certificate Revocation Lists? In: Frankel, Y. (ed.) FC 2000. LNCS, vol. 1962, pp. 245–258. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  8. 8.
    Micali, S.: Efficient Certificate Revocation. Technical Memo MIT/LCS/TM-542b, MIT, Laboratory for Computer Science (1996)Google Scholar
  9. 9.
    Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP. In: RFC 2560, IETF (1999)Google Scholar
  10. 10.
    Myers, M.: Revocation: Options and Challenges. In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  11. 11.
    Naor, M., Nissim, K.: Certificate Revocation and Certificate Update. In: 7th USENIX Security Symposium (1998)Google Scholar
  12. 12.
    Rivest, R.L.: Can We Eliminate Certificate Revocation Lists? In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465, pp. 178–183. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  13. 13.
    WAP forum. “WPKI,” WAP-217-WPKI, Version 24-April-(2001), http://www.wapforum.org/
  14. 14.
    Wilhelm, R.: Publish and Subscribe with User Specified Action. In: Patterns Workshop, OOPSLA 1993 (1993)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Dae Hyun Yum
    • 1
  • Jae Eun Kang
    • 1
  • Pil Joong Lee
    • 1
  1. 1.Department of Electronic and Electrical EngineeringPOSTECHKyoungbukRep. of Korea

Personalised recommendations