On the Release of Crls in Public Key Infrastructure
Public key infrastructure provides a promising foundation for verifying the authenticity of communicating parties and transferring trust over the internet. The key issue in public key infrastructure is how to process certificate revocations. Previous research in this aspect has concentrated on the t...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2006
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/603 https://ink.library.smu.edu.sg/context/sis_research/article/1602/viewcontent/CRL_20usenix_20accpet_20version_revised.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-1602 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-16022010-12-03T06:48:19Z On the Release of Crls in Public Key Infrastructure Ma, Chengyu Hu, Nan Li, Yingjiu Public key infrastructure provides a promising foundation for verifying the authenticity of communicating parties and transferring trust over the internet. The key issue in public key infrastructure is how to process certificate revocations. Previous research in this aspect has concentrated on the tradeoffs that can be made among different revocation options. No rigorous efforts have been made to understand the probability distribution of certificate revocation requests based on real empirical data. In this study, we first collect real empirical data from VeriSign and derive the probability function for certificate revocation requests. We then prove that a revocation system will become stable after a period of time. Based on these, we show that different certificate authorities should take different strategies for releasing certificate revocation lists for different types of certificate services. We also provide the exact steps by which certificate authorities can derive optimal releasing strategies. 2006-06-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/603 https://ink.library.smu.edu.sg/context/sis_research/article/1602/viewcontent/CRL_20usenix_20accpet_20version_revised.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Computer Sciences |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Computer Sciences |
| spellingShingle |
Computer Sciences Ma, Chengyu Hu, Nan Li, Yingjiu On the Release of Crls in Public Key Infrastructure |
| description |
Public key infrastructure provides a promising foundation for verifying the authenticity of communicating parties and transferring trust over the internet. The key issue in public key infrastructure is how to process certificate revocations. Previous research in this aspect has concentrated on the tradeoffs that can be made among different revocation options. No rigorous efforts have been made to understand the probability distribution of certificate revocation requests based on real empirical data. In this study, we first collect real empirical data from VeriSign and derive the probability function for certificate revocation requests. We then prove that a revocation system will become stable after a period of time. Based on these, we show that different certificate authorities should take different strategies for releasing certificate revocation lists for different types of certificate services. We also provide the exact steps by which certificate authorities can derive optimal releasing strategies. |
| format |
text |
| author |
Ma, Chengyu Hu, Nan Li, Yingjiu |
| author_facet |
Ma, Chengyu Hu, Nan Li, Yingjiu |
| author_sort |
Ma, Chengyu |
| title |
On the Release of Crls in Public Key Infrastructure |
| title_short |
On the Release of Crls in Public Key Infrastructure |
| title_full |
On the Release of Crls in Public Key Infrastructure |
| title_fullStr |
On the Release of Crls in Public Key Infrastructure |
| title_full_unstemmed |
On the Release of Crls in Public Key Infrastructure |
| title_sort |
on the release of crls in public key infrastructure |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2006 |
| url |
https://ink.library.smu.edu.sg/sis_research/603 https://ink.library.smu.edu.sg/context/sis_research/article/1602/viewcontent/CRL_20usenix_20accpet_20version_revised.pdf |
| _version_ |
1770570520121573376 |