Towards a framework for evaluating certificate status information mechanisms

Authors:
John Iliadis;Stefanos Gritzalis;Diomidis Spinellis;Danny De Cock;Bart Preneel;Dimitris Gritzalis
Affiliations:
Department of Information and Communication Systems Engineering, University of the Aegean, Research Unit, 30 Voulgaroktonou St., Athens GR-11472, Greece;Department of Information and Communication Systems Engineering, University of the Aegean, Research Unit, 30 Voulgaroktonou St., Athens GR-11472, Greece;Department of Management Science and Technology, Athens University of Economics and Business, 76 Patission St.,Athens GR-10434, Greece;Dept. of Electrical Engineering ESAT/COSIC, Katholieke Universiteit Leuven, Kasteelpark Arenberg 10, B-3001 Heverlee, Belgium;Dept. of Electrical Engineering ESAT/COSIC, Katholieke Universiteit Leuven, Kasteelpark Arenberg 10, B-3001 Heverlee, Belgium;Department of Informatics, Athens University of Economics and Business, 76 Patission St., Athens GR-10434, Greece
Venue:
Computer Communications
Year:
2003

Citing 7
Cited 7

Evaluating certificate status information mechanisms

Proceedings of the 7th ACM conference on Computer and communications security
Certificate Recocation: Mechanics and Meaning

FC '98 Proceedings of the Second International Conference on Financial Cryptography
Can We Eliminate Certificate Revocations Lists?

FC '98 Proceedings of the Second International Conference on Financial Cryptography
On Certificate Revocation and Validation

FC '98 Proceedings of the Second International Conference on Financial Cryptography
Recent-secure authentication: enforcing revocation in distributed systems

SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
Efficient Certificate Revocation

Efficient Certificate Revocation
Certificate revocation and certificate update

SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7

Implementing regular cash with blind fixed-value electronic coins

Computer Standards & Interfaces
Instant Revocation

EuroPKI '08 Proceedings of the 5th European PKI workshop on Public Key Infrastructure: Theory and Practice
H-OCSP: A protocol to reduce the processing burden in online certificate status validation

Electronic Commerce Research
Evaluation of certificate validation mechanisms

Computer Communications
Revising centralized certificate validation standards for mobile and wireless communications

Computer Standards & Interfaces
Modeling and evaluation of certification path discovery in the emerging global PKI

EuroPKI 2006 Proceedings of the Third European conference on Public Key Infrastructure: theory and Practice
Efficient certificate revocation system implementation: Huffman Merkle Hash Tree (HuffMHT)

TrustBus'05 Proceedings of the Second international conference on Trust, Privacy, and Security in Digital Business

Quantified Score

Hi-index	0.24

Visualization

Abstract

A wide spectrum of certificate revocation mechanisms is currently in use. A number of them have been proposed by standardisation bodies, while some others have originated from academic or private institutions. What is still missing is a systematic and robust framework for the sound evaluation of these mechanisms. We present a mechanism-neutral framework for the evaluation of certificate status information (CSI) mechanisms. These mechanisms collect, process and distribute CSI. A detailed demonstration of its exploitation is also provided. The demonstration is mainly based on the evaluation of Certificate Revocation Lists, as well as of the Online Certificate Status Protocol. Other well-known CSI mechanisms are also mentioned for completeness.