For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
Reducing Certificate Revocation and Non-repudiation Service in Public Key Infrastructure
Yoshiki SAMESHIMA Toshiyuki TSUTSUMI
IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences
Publication Date: 2000/07/25
Print ISSN: 0916-8508
Type of Manuscript: PAPER
Category: Information Security
X. 509 authentication framework, public key certificate, certificate revocation list, non-repudiation, time stamp,
Full Text: PDF(322.5KB)>>
This paper describes User Attribute with Validity Period extension field of public key certificate and Certificate Verification Service with Time Stamp. The field and service solve the problems of unavailability of the latest revoked certificate information, large size of the revocation information and lack of non-repudiation mechanism of the X. 509 Authentication Framework. The proposed extension field is useful to reduce the revoked certificate information sent from CA of an organization where there are periodical personnel changes. The Certificate Verification Service with Time Stamp is an on-line service providing certificate status and non-repudiation service. The paper shows how the combination of the field and service solves the problems and that the server can serve hundreds of thousands of messaging system users, and the security of the service is also discussed.