Reducing Certificate Revocation and Non-repudiation Service in Public Key Infrastructure

概要

論文の詳細を見る
This paper describes User Attribute with Validity Period extension field of public key certificate and Certificate Verification Service with Time Stamp. The field and service solve the problems of unavailability of the latest revoked certificate information, large size of the revocation information and lack of non-repudiation mechanism of the X.509 Authentication Framework. The proposed extension field is useful to reduce the revoked certificate information sent from CA of an organization where there are periodical personel changes. The Certificate Verification Service with Time Stamp is an on-line service providing certificate status and non-repudiation service. The paper shows how the combination of the field and service solves the problems and that the server can serve hundrdes of thousands of messaging system users, and the security of the service is also discussed.
社団法人電子情報通信学会の論文
2000-07-25