Digital certificates: a survey of revocation methods
MULTIMEDIA '00 Proceedings of the 2000 ACM workshops on Multimedia
Applying lightweight directory access protocol service on session certification authority
Computer Networks: The International Journal of Computer and Telecommunications Networking
Evaluation of Certificate Revocation Policies: OCSP vs. Overissued-CRL
DEXA '02 Proceedings of the 13th International Workshop on Database and Expert Systems Applications
On Certificate Revocation and Validation
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Fast Checking of Individual Certificate Revocation on Small Systems
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
A Model of Certificate Revocation
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Certificate Revocation the Responsible Way
CSDA '98 Proceedings of the Conference on Computer Security, Dependability, and Assurance: From Needs to Solutions
Security Aspects in Standard Certificate Revocation Mechanisms: A Case Study for OCSP
ISCC '02 Proceedings of the Seventh International Symposium on Computers and Communications (ISCC'02)
Implementation of an Efficient Authenticated Dictionary for Certificate Revocation
ISCC '03 Proceedings of the Eighth IEEE International Symposium on Computers and Communications
A Certificate Revocation Scheme for a Large-Scale Highly Replicated Distributed System
ISCC '03 Proceedings of the Eighth IEEE International Symposium on Computers and Communications
A More Efficient Use of Delta-CRLs
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Efficient Certificate Revocation
Efficient Certificate Revocation
ADoCSI: towards a transparent mechanism for disseminating Certificate Status Information
Computer Communications
Towards a framework for evaluating certificate status information mechanisms
Computer Communications
Certificate revocation and certificate update
IEEE Journal on Selected Areas in Communications
XML security - A comparative literature review
Journal of Systems and Software
H-OCSP: A protocol to reduce the processing burden in online certificate status validation
Electronic Commerce Research
Impact of the revocation service in PKI prices
ICICS'12 Proceedings of the 14th international conference on Information and Communications Security
Hi-index | 0.24 |
In this article we evaluate different certificate validation mechanisms to be possibly used within the Wireless Public Key Infrastructure (W-PKI). An implementation of a standard compliant signed content application offering full PKI functionality served as means for evaluating different mechanisms. We compared short-lived certificates, Certificate Revocation Lists (CRLs), the Online Certificate Status Protocol (OCSP) and the XML Key Management Specification (XKMS) with regard to security, interoperability, complexity and performance in terms of size and scalability. The evaluation has lead to propose OCSP for delegated certificate validation. It has to be pointed out though, that OCSP should be enhanced with full delegation capabilities, such as the ones offered by XKMS.