Digital certificates: a survey of revocation methods
MULTIMEDIA '00 Proceedings of the 2000 ACM workshops on Multimedia
Understanding PKI: Concepts, Standards, and Deployment Considerations
Understanding PKI: Concepts, Standards, and Deployment Considerations
Can We Eliminate Certificate Revocations Lists?
FC '98 Proceedings of the Second International Conference on Financial Cryptography
A Response to ''Can We Eliminate Certificate Revocation Lists?''
FC '00 Proceedings of the 4th International Conference on Financial Cryptography
A Model of Certificate Revocation
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Tradeoffs in certificate revocation schemes
ACM SIGCOMM Computer Communication Review
On the release of CRLs in public key infrastructure
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
On the self-similarity nature of the revocation data
ISC'12 Proceedings of the 15th international conference on Information Security
Impact of the revocation service in PKI prices
ICICS'12 Proceedings of the 14th international conference on Information and Communications Security
Hi-index | 0.00 |
We investigate how to reduce the cost of certificate revocation in the PKI system of UNINETT (The Internet of Norwegian Universities and Colleges), by analyzing and characterizing existing users' needs and behavior. The focus is on how to reduce the number of revoked certificates and bandwidth consumption in order to achieve better scalability. We distinguish between three main types of revocation mechanisms: list pull, list push, and short validity period. We try to find the optimal parameter values with respect to revocation method, the number of groups, group size, validity period duration, application type access, and certificate security policy. The current user categories are permanent employees, temporary employees and students. This paper analyzes the collected empirical data for how long the users actually stay in the system, and the reasons and frequency of user terminations that require certificate revocations, and then models the consequences for certificate revocation.