We found a match
Your institution may have access to this item. Find your institution then sign in to continue.
- Title
Design and implementation of a lightweight online certificate validation service.
- Authors
Muñoz, Jose; Esparza, Oscar; Forné, Jordi; Pallares, Esteve
- Abstract
A PKI (public key infrastructure) provides for a digital certificate that can identify an individual or an organization. However, the existence of a certificate is a necessary but not sufficient evidence for its validity. The PKI needs to provide applications that use certificates with the ability to validate, at the time of usage, that a certificate is still valid (not revoked). One of the two standard protocols to check the revocation status of certificates is the Online Certificate Status Protocol (OCSP). In this article, we propose an OCSP-based implementation that enhances the performance of standard OCSP. In particular, we put special emphasis on those issues that affect security and performance when the validation service is deployed in a real scenario. Finally, we provide experimental results that show that our implementation outperforms standard OCSP.
- Subjects
DIGITAL certificates; DIGITAL signatures; CERTIFICATE authority; COMPUTER security; PUBLIC key cryptography; DATA encryption; CRYPTOGRAPHY; COMPUTER network security; ELECTRONIC commerce
- Publication
Telecommunication Systems, 2009, Vol 41, Issue 3, p229
- ISSN
1018-4864
- Publication type
Article
- DOI
10.1007/s11235-009-9144-2