KOUŘIL, Daniel, Luděk MATYSKA and Michal PROCHÁZKA. On Distribution Certificate Revocation Information in Grids. Brno, 2007. MEMICS 2007. ISBN 978-80-7355-077-6.
Other formats:   BibTeX LaTeX RIS
Basic information
Original name On Distribution Certificate Revocation Information in Grids
Name in Czech Distribuce revokacnich informaci v gridovem prostredi
Authors KOUŘIL, Daniel, Luděk MATYSKA and Michal PROCHÁZKA.
Edition Brno, MEMICS 2007, 2007.
Other information
Type of outcome Audiovisual works
Confidentiality degree is not subject to a state or trade secret
Organization unit Faculty of Informatics
ISBN 978-80-7355-077-6
Changed by Changed by: RNDr. Daniel Kouřil, Ph.D., učo 1388. Changed: 5/11/2007 12:14.
Abstract
Most environments using Public Key Infrastructure (PKI) require a mechanism for the Certificate Authorities to revoke digital certificates that they have issued earlier and that became invalid for whatever reason. Checking revocation information is necessary to prevent from using digital certificates, which could lead to unauthorized access to data or systems and is a very crucial part of PKI. In this presentation we will focus on the most common mechanisms to check revocation information -- Certificate Revocation Lists (CRLs) and the Online Certificate Status Protocol (OCSP) -- and will discuss their drawbacks. We will also present a novel way of distributing the CRLs that is used on the Grid Monitoring Architecture, which guarantee the revocation information is distributed in a robust and timely manner. The presentation introduces our current research in the field of revocation handling and is based on a paper we have recently presented at the 3rd IEEE International Symposium on Security in Networks and Distributed Systems (SSNDS-07).
PrintDisplayed: 22/8/2024 01:46