A Certificate-Path Construction Algorithm Based on CA Quantification

Certificate-path construction is a procedure to generate logical links between PKI users. In this study, we designed a value to quantify a given CA (Certificate Authority) and the value is used as a reference in path constructing process. Then a reverse certificate-path construction algorithm is described. The affections of this quantification are discussed by applying the new algorithm in selected PKI structures. After all, the result of those experiments indicates the new algorithm have improvements compares with the breadth-first search algorithm.

[1]  Zhimin Gu,et al.  A New and Scalable Certification Path Discovery Model in the Emerging Global PKI , 2007, 2007 International Conference on Multimedia and Ubiquitous Engineering (MUE'07).

[2]  Development of Hi-Speed X.509 Certification Path Validation System , 2010, 2010 IEEE 24th International Conference on Advanced Information Networking and Applications Workshops.

[3]  Russ Housley,et al.  Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2002, RFC.

[4]  Steve Hanna,et al.  Building Certifications Paths: Forward vs. Reverse , 2001, NDSS.

[5]  Richard Nicholas,et al.  Internet X.509 Public Key Infrastructure: Certification Path Building , 2005, RFC.