A PKI case study: implementing the server-based certificate validation protocol

  • Authors:

  • Marius Marian;Eugen Sendroiu

  • Affiliations:

  • University of Craiova, Department of Automation, Romania;University of Birmingham, Department of Computer Science, United Kingdom

  • Venue:
  • ISP'08 Proceedings of the 7th WSEAS international conference on Information security and privacy
  • Year:
  • 2008

Quantified Score

Hi-index 0.00

Visualization

Abstract

Validation of a public-key certificate is a complex and resource-consuming task. If public-key technology is to be widely deployed in a variety of applications and environments, the amount of processing an application needs to perform before it can accept a digital certificate needs to be reduced. There is a large number of applications that can make use of public-key certificates, but to be trustworthy these applications must handle the overhead of constructing and validating the certification paths. The Server-based Certificate Validation Protocol (SCVP) is an Internet protocol for determining the path between a digital certificate - X.509 or Attribute Certificate - and a trusted root (Delegated Path Discovery) and the validation of that path (Delegated Path Validation) according to a particular validation policy. This paper presents an implementation of the SCVP protocol for the OpenSSL cryptographic library.