An Introduction to Validation for Federated PKIs
This paper investigates the security, performance and availability issues associated with establishing trusted identities for large populations spanning many different trust domains. A trusted path building approach is presented that scales to lOOs millions of users with transaction response times of a few hundred milliseconds.
KeywordsInternet Engineer Task Force Certificate Validation Online Certificate Status Protocol Certificate Chain Trust Path
Unable to display preview. Download preview PDF.
- [PKI-Imp]Andrew Nash, William Duane, Celia Joseph and Derek Brink, PKI Implementing and Managing E-Security, Osborne/McGraw-Hill, Berkeley, California, 2001.Google Scholar
- [D-OCSP]Distributed Certificate Validation, CoreStreet, 2003. Available from: http://www.corestreet.com
- [SCVPstd]Internet Engineering Task Force (IETF): Server-based Certificate Validation Protocol, Internet Draft, June 2006. Available from: http://tools.ietf.org/wglpkixldraft-ietf-pkix-scvp/
- [Sec-Vul]Vulnerability Analysis of Certificate Validation Systems, CoreStreet, 2004. Available from: http://www.corestreet.com
- [Chokhani]Chokhani, Santosh: Simple Certificate Validation Protocol (SCVP), presented at the DoD PKI Forum in Orlando, April 2005.Google Scholar