Network Security with Openssl
Hi-index | 0.00 |
Validation of a public-key certificate is a complex and resource-consuming task. If public-key technology is to be widely deployed in a variety of applications and environments, the amount of processing an application needs to perform before it can accept a digital certificate needs to be reduced. There is a large number of applications that can make use of public-key certificates, but to be trustworthy these applications must handle the overhead of constructing and validating the certification paths. The Server-based Certificate Validation Protocol (SCVP) is an Internet protocol for determining the path between a digital certificate - X.509 or Attribute Certificate - and a trusted root (Delegated Path Discovery) and the validation of that path (Delegated Path Validation) according to a particular validation policy. This paper presents an implementation of the SCVP protocol for the OpenSSL cryptographic library.