Security for computer networks: an introduction to data security in teleprocessing and electronic funds transfer
What non-programmers know about programming: natural language procedure specification
International Journal of Man-Machine Studies - Ellis Horwood series in artificial intelligence
Identity-based cryptosystems and signature schemes
Proceedings of CRYPTO 84 on Advances in cryptology
Chord: A scalable peer-to-peer lookup service for internet applications
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Lessons Learned in Implementing and Deploying Crypto Software
Proceedings of the 11th USENIX Security Symposium
Persistent Authenticated Dictionaries and Their Applications
ISC '01 Proceedings of the 4th International Conference on Information Security
CONSEPP: CONvenient and Secure Electronic Payment Protocol Based on X9.59
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
In Search of Usable Security: Five Lessons from the Field
IEEE Security and Privacy
Hardening Web browsers against man-in-the-middle and eavesdropping attacks
WWW '05 Proceedings of the 14th international conference on World Wide Web
Replacing the Whois Protocol: IRIS and the IETF's CRISP Working Group
IEEE Internet Computing
Plug-and-play PKI: a PKI your mother can use
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Anonymous authentication (transcript of discussion)
SP'04 Proceedings of the 12th international conference on Security Protocols
Hi-index | 0.00 |
What would a PKI look like if it were designed for implementability and deployability rather than strict adherence to a particular theoretical or mathematical model? This paper presents and examines the results of a series of interviews in which a cross-section of experienced programmers, system administrators, and technical project managers with many years of practical, real-world experience were asked which technologies they would use to solve some of the major problems that occur in PKI implementation. The results of the interviews and various significant issues identified by them are presented and discussed. Finally, a PKI technology blueprint based on recommendations made by respondents is presented. The resulting design is noteworthy in that it is almost completely unlike the one proposed in X.509 and related standards, which would indicate that at least some of the deployment difficulties being encountered with X.509-style PKIs are due to their suboptimal choice of technology.