Generalized certificate revocation
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Digital certificates: a survey of revocation methods
MULTIMEDIA '00 Proceedings of the 2000 ACM workshops on Multimedia
Nonmonotonicity, User Interfaces, and Risk Assessment in Certificate Revocation
FC '01 Proceedings of the 5th International Conference on Financial Cryptography
Certificate Recocation: Mechanics and Meaning
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Can We Eliminate Certificate Revocations Lists?
FC '98 Proceedings of the Second International Conference on Financial Cryptography
On Certificate Revocation and Validation
FC '98 Proceedings of the Second International Conference on Financial Cryptography
A Response to ''Can We Eliminate Certificate Revocation Lists?''
FC '00 Proceedings of the 4th International Conference on Financial Cryptography
A Model of Certificate Revocation
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Recent-secure authentication: enforcing revocation in distributed systems
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
Efficient Certificate Revocation
Efficient Certificate Revocation
Tradeoffs in certificate revocation schemes
ACM SIGCOMM Computer Communication Review
Certificate revocation and certificate update
IEEE Journal on Selected Areas in Communications
On the self-similarity nature of the revocation data
ISC'12 Proceedings of the 15th international conference on Information Security
Impact of the revocation service in PKI prices
ICICS'12 Proceedings of the 14th international conference on Information and Communications Security
Digital certificate management: Optimal pricing and CRL releasing strategies
Decision Support Systems
Hi-index | 0.01 |
Public key infrastructure provides a promising foundation for verifying the authenticity of communicating parties and transferring trust over the Internet. The key issue in public key infrastructure is how to process certificate revocations. Previous research in this area has concentrated on the tradeoffs that can be made among different revocation options. No rigorous efforts have been made to understand the probability distribution of certificate revocation requests based on real empirical data. In this study, we first collect real data from VeriSign and suggest a functional form for the probability density function of certificate revocation requests. Exponential distribution function is chosen as it adequately approximates the real data. We then provide an economic model based on which a certificate authority can choose the optimal Certificate Revocation List (CRL) release interval considering the intrinsic properties among different types of certificate services. To conclude we draw some insights by comparing the performance of four different CRL strategies.