ACVS: An Advanced Certificate Validation Service in Service-Oriented Architectures

Abstract

Proposals such as CAdES, XAdES and LTANS have made the need of remaining evidences over long periods of time clear. Between these evidences we have electronic signatures, certificates, requests and responses of validation mechanisms and so on. In order to gather these evidences, clients have to support several PKI-compliant protocols. Then, with the aim of simplifying this task XKMS appeared. However, XKMS only provides a simple validation mechanism that does not allow clients to specify some useful aspects needed for purposes of long term validation, such as trust anchors, information to store, responses to obtain, and so on. Therefore, in order to solve this problem, we present both an extension to XKMS and the different modules that are involved in this new specification.