A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
Filters
Revocation Statuses on the Internet
[article]
2022
arXiv
pre-print
Preserved Fulltext
Other Versions
Instead, the status of most certificates can only be checked with Online Certificate Status Protocol (OCSP) and/or Certificate Revocation Lists (CRLs). ...
In practice, the problem of secure certificate revocation has not yet been solved, and today no revocation procedure (similar to Certificate Transparency w.r.t. certificate issuance) has been adopted to ...
Instead, most browsers typically accept a certificate if they are unable to obtain revocation information [23] . • Certificate Revocation List (CRL): CAs maintain signed lists with the serial numbers ...
arXiv:2102.04288v3
fatcat:rdgrjil4ura3rbfgd47h6r2jqa
Privacy-enhanced electronic mail
[chapter]
1991
DIMACS Series in Discrete Mathematics and Theoretical Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Also, again unlike X.509 lists, each certification revocation list contains the date when the next certification revocation list will be issued, to ensure that the entity obtaining the certification revocation ...
Each certificate must also be checked against the relevant certificate revocation lists, and the user must again be warned if either a revoked certificate is found or a certificate revocation list cannot ...
doi:10.1090/dimacs/002/05
dblp:conf/dimacs/Bishop89
fatcat:ygqfuqtaxrdfvbvq6vhyv5n46e
RITM: Revocation in the Middle
2016
2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS)
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Note that this fulltext copy is not of the "primary" version of this work. The version it corresponds to is:
2016 pre-print arXiv:1604.08490v1 fatcat:m5hpigslcvdzdooml2inmn5ipmOther Versions
We present RITM, a framework in which middleboxes (as opposed to clients, servers, or certification authorities) store revocation-related data. ...
Additionally, RITM keeps certification authorities accountable for the revocations that they have issued, and it minimizes overhead at clients and servers, as they have to neither store nor download any ...
Revocation Lists. One challenge is to find a format of revocation list that meets our requirements. ...
doi:10.1109/icdcs.2016.91
dblp:conf/icdcs/SzalachowskiCLP16
fatcat:x2u7xku3rbfhti3ivukjtzkgm4
Efficient and Fresh Certification
[chapter]
2000
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
We compare EFECT to previously proposed systems, including traditional X.509 certificates and Certificate Revocation Lists (CRLs), SDSI/SPKI, Micali's Certificate Revocation System (CRS), Kocher's Certificate ...
lists/trees. ...
X.509 Certificates and Certificate Revocation Lists (CRL) Certificate Revocation Lists (CRLs) used with X.509 certificates is the standard certificate revocation scheme that is currently being deployed ...
doi:10.1007/978-3-540-46588-1_23
fatcat:umc5bj5e3nadxa7euradihtg5i
Associative Blockchain for Decentralized PKI Transparency
2021
Cryptography
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
and revocations for any domain. ...
We present decentralized PKI transparency (DPKIT): a decentralized client-based approach to enforcing transparency in certificate issuance and revocation while eliminating single points of failure. ...
Traditional revocation mechanisms, from offline Certificate Revocation Lists [7] , to Online Certificate Status Protocol (OCSP) and OCSP Stapling [8, 9] , are simply not efficient or reliable enough ...
doi:10.3390/cryptography5020014
fatcat:hh2jr4hd6ncwrjvul24quoavdu
Measuring the Latency and Pervasiveness of TLS Certificate Revocation
[chapter]
2016
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Today the Online Certificate Status Protocol (OCSP) is the most common way to quickly distribute revocation information. ...
An essential part of a PKI is the ability to quickly revoke certificates, for example, after a key compromise. ...
Two primary mechanisms exist to revoke certificates: Certificate Revocation Lists (CRLs) [8] which provide downloadable lists of revoked certificates, and the Online Certificate Status Protocol (OCSP ...
doi:10.1007/978-3-319-30505-9_2
fatcat:fsdsscnsmzc2tnq4kco4wp3pfm
PKI: it's not dead, just resting
2002
Computer
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
X.500 tried to address this problem through certificate revocation lists. ...
The best mechanism gives a direct indication of whether a certificate is valid or not, a slightly less useful one provides a certification revocation list (CRL) response. ...
doi:10.1109/mc.2002.1023787
fatcat:n3ab5heww5gb3o7dxi5fovvbua
The Internet Mail Consortium
1998
Scientific American
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2008; you can also visit the original URL.
The file type is application/pdf.
A receiving agent SHOULD have access to some certificate-revocation list (CRL) retrieval mechanism in order to gain access to certificate-revocation information when validating certificate chains. ...
CertificateRevocationLists Receiving agents MUST support for the Certificate Revocation List (CRL) format defined in [KEYM] . ...
doi:10.1038/scientificamerican0398-108
fatcat:vbu4jz3lxfgerdmchzbkhikdn4
RevCast
2014
Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security - CCS '14
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
However, certificate revocation systems are generally regarded as ineffective and potentially insecure: Some browsers bundle revocation updates with more general software updates, and may go hours, days ...
The ability to revoke certificates is a fundamental feature of a public key infrastructure. ...
In practice, the most common means of certificate revocation is for a CA to aggregate its revocations into certificate revocation lists (CRLs), as described in the X.509 standard [6] . ...
doi:10.1145/2660267.2660376
dblp:conf/ccs/SchulmanLS14
fatcat:c5mc3jk44vbfpmhshde4tkxusu
PKI Scalability Issues
[article]
2005
arXiv
pre-print
Preserved Fulltext
The Internet Archive has a preservation copy of this work in our general collections.
The file type is application/pdf.
Other Versions
Much focus is spent on certificate revocation methodologies and status verification systems such as CRLs, Delta-CRLs, CRS, Certificate Revocation Trees, Windowed Certificate Revocation, OCSP, SCVP and ...
Certificate Revocation Lists Certificate Revocation Lists (CRLs) were one of the first methods to revoke certificates. ...
Revocation List (CRL). ...
arXiv:cs/0409018v2
fatcat:nklcfkskgbgnfdcpanl3xwifwa
An Efficient Identity Based Encryption in Cloud Computing with Outsourced Revocation
2020
International Journal of Scientific Research in Computer Science Engineering and Information Technology
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
Efficient revocation has been well studied in traditional PKI setting, but the cumbersome management of certificates is precisely the burden that IBE strives to alleviate [2]. ...
It aiming at tackling the critical issue of identity revocation, we introduce outsourcing computation into IBE for the first time and propose a revocable IBE scheme in the server-aided setting. ...
Certification
Revocation List (CRL) is the first and the least
difficult strategy for declaration denial. it is generally
perceived that CRLs are too exorbitant and can't give
a decent level of ...
doi:10.32628/cseit20668
fatcat:foc35bd6ofcw7l5sl72c4b2bcq
The Case for Dynamic Key Distribution for PKI-Based VANETS
2014
International Journal of Computer Networks & Communications
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Note that this fulltext copy is not of the "primary" version of this work. The version it corresponds to is:
2016 pre-print arXiv:1605.04696v1 fatcat:3ld2gt67hvexdft5esqeh52qzq
A proposed key revocation mechanism reduced the number of messages needed for revocation through Certificate Revocation List (CRL) distribution. ...
Public key infrastructure (PKI) can be used to secure VANETs where an onboard tamper proof device (TPD) stores a number of encryption keys which are renewed upon visiting a certificate authority (CA). ...
One of the principles of the public key infrastructure (PKI) that should be handled effectively is key revocation, and how to distribute a certificate revocation list (CRL) among the VANETs efficiently ...
doi:10.5121/ijcnc.2014.6105
fatcat:scbfqf7c6vah3a2iik5m62efem
Beyond PKI: The Biocryptographic Key Infrastructure
2010
2010 IEEE International Workshop on Information Forensics and Security
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
But to solve these problems correctly, we cannot simply use standard biometric templates (the data representation of the collected biometric feature) embedded within x.509 certificates, because a revocation ...
How did the CA identify the certificate holder? ...
Scenario 1: Manual Re-issue The BCA that issued the certificate must maintain a certificate revocation list (CRL). This list only contains revoked certificates, and not expired certificates. ...
doi:10.1109/wifs.2010.5711435
dblp:conf/wifs/ScheirerBB10
fatcat:avh4vs2eobbi3nnobubs7w5bmu
Beyond PKI: The Biocryptographic Key Infrastructure
[chapter]
2013
Security and Privacy in Biometrics
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
But to solve these problems correctly, we cannot simply use standard biometric templates (the data representation of the collected biometric feature) embedded within x.509 certificates, because a revocation ...
How did the CA identify the certificate holder? ...
Scenario 1: Manual Re-issue The BCA that issued the certificate must maintain a certificate revocation list (CRL). This list only contains revoked certificates, and not expired certificates. ...
doi:10.1007/978-1-4471-5230-9_3
fatcat:yuthwurbrnd3nefhdptujvc22y
Towards a More Secure and Scalable Verifying PKI of eMRTD
[chapter]
2014
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
OCSP), and the Server-based Certificate Validation Protocol (SCVP). ...
., stolen (mobile) passport inspection systems due to its missing revocation mechanism. The article at hand seeks for potential approaches to solve these shortcomings. ...
Certificate Revocation List (CRL) Certificate Revocation Lists (CRL) provide a mechanism to invalidate certificates before their actual expiration date. ...
doi:10.1007/978-3-642-53997-8_7
fatcat:vl4z6dtjb5gmrkk4rw6tvdkptm
« Previous
Showing results 1 — 15 out of 1,904 results