Digital certificates: a survey of revocation methods
暂无分享,去创建一个
Digital certificates form a basis that allows entities to trust each other. Due to different constraints, a certificate is only valid within a specific period of time. Coming from several threats, there are important reasons why its validity must be terminated sooner than assigned and thus, the certificate needs to be revoked. This paper provides a classification of revocation methods and gives an overview of the main methods like CRL, CRS, CRT, and OCSP. If and in which way a revocation method is suited must be analyzed in accordance to their purpose.
[1] S. Micali. Enhanced Certificate Revocation System , 1995 .
[2] Paul C. Kocher. On Certificate Revocation and Validation , 1998, Financial Cryptography.
[3] Ralph C. Merkle,et al. Secrecy, authentication, and public key systems , 1979 .
[4] Carlisle M. Adams,et al. X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP , 1999, RFC.
[5] Silvio Micali,et al. On-Line/Off-Line Digital Schemes , 1989, CRYPTO.