Deploying and Using Public Key Technology: Lessons Learned in Real Life
IEEE Security and Privacy
Plug-and-play PKI: a PKI your mother can use
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Life-cycle management of X.509 certificates based on LDAP directories
Journal of Computer Security - On IWAP'05
Hi-index | 0.00 |
Certificate life-cycle management operations, especially the initial registration of users, are important but expensive tasks in Public Key Infrastructures. In this paper we propose a mechanism that integrates these tasks with established processes, technology and data. Our approach is based on directory services that are usually already employed by companies, public administration and similar organizations for non-PKI purposes. It spares additional personell and is less error-prone, since the utilized processes are already set up and known to administrative personell and users. This reduces the costs to bootstrap and operate a Public Key Infrastructure. We show a case study about the proposed mechanism that was conducted at the Technische Universität Darmstadt in Germany in order to supply 20,000 students with certificates and keys.