publication . Preprint . 2004

PKI Scalability Issues

Slagell, Adam J; Bonilla, Rafael;
Open Access English
  • Published: 09 Sep 2004
This report surveys different PKI technologies such as PKIX and SPKI and the issues of PKI that affect scalability. Much focus is spent on certificate revocation methodologies and status verification systems such as CRLs, Delta-CRLs, CRS, Certificate Revocation Trees, Windowed Certificate Revocation, OCSP, SCVP and DVCS.
free text keywords: Computer Science - Cryptography and Security, E.3
Download from
20 references, page 1 of 2

[1] A. Arsenault and S. Turner. Internet Draft PKIX: Internet X.509 Public Key Infrastructure: Roadmap, January 2003.

[2] A. Malpani, R. Housley, and T. Freeman. Internet Draft PKIX-SCVP: Simple Certificate Validation Protocol (SCVP), December 2002.

[3] C. Adams, P. Sylvester, M. Zolotarev, and R. Zuccherato. RFC 3029: Internet X.509 Public Key Infrastructure Data Validation and Certificate Server Protocols, February 2001.

[4] C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, and T. Ylonen. RFC 2693: SPKI Certificate Theory, September 1999.

[5] Jon Callas. Improving Message Security With a Self-Assembling PKI. In 2nd Annual PKI Research Workshop Pre-Proceedings, Gaithersburg, MD, April 2003.

[6] Carlisle Adams and Robert Zuccherato. A General, Flexible Approach to Certificate Revocation, June 1998.

[7] Marco Antonio Carnut, Evandro Curvelo Hora, Cristiano Lincoln Mattos, and Fabio da Silva. FreeICP.ORG: Free Trusted Certificates by Combining the X.509 and PGP Hierarchy Through a Collaborative Trust Scoring System. In 2nd Annual PKI Research Workshop Pre-Proceedings, Gaithersburg, MD, April 2003.

[8] David A. Cooper. A model of certificate revocation. In ACSAC, pages 256-, 1999.

[9] David A. Cooper. A more efficient use of delta-CRLs. In IEEE Symposium on Security and Privacy, pages 190-202, 2000.

[10] Whitfield Diffie and Martin E. Hellman. New Directions in Cryptography. IEEE Transactions on Information Theory, IT-22(6):644-654, 1976.

[11] Mike Just. An Overview of Public Key Certificate Support for Canada's Government On-Line (GOL) Initiative. In 2nd Annual PKI Research Workshop Pre-Proceedings, Gaithersburg, MD, April 2003.

[12] M. Myers, R. Ankney, A. Malpani, S. Galperin, and C. Adams. RFC 2560: X.509 Internet Public Key Infrastructure - Online Certificate Status Protocol - OCSP, June 1999.

[13] Patrick McDaniel and Sugih Jamin. Windowed Certificate Revocation. In INFOCOM (3), pages 1406-1414, 2000.

[14] S. Micali. Efficient Certificate Revocation. Technical Report MIT/LCS/TM-542b, 1996.

[15] Moni Naor and Kobbi Nissim. Certificate Revocation and Certificate Update. In Proceedings 7th USENIX Security Symposium (San Antonio, Texas), January 1998.

20 references, page 1 of 2
Any information missing or wrong?Report an Issue