Beacon certificate push revocation

Abstract

Authentication information is best localized. Local sources of authentication information are better able to physically identify users, provide authoritative information on them, adequately protect authentication information and infrastructure, and ato provide high quality authentication at an affordable cost. We consider here the problem of public key authentication using a potentially large number of local Certificate Authorities (CAs). The information provided by these CAs is federated together to create a large-scale distributed authentication base. One of the key problems in doing so is certificate revocation. Efficient mechanisms are described for certificate revocation when there are many CAs and we provide some measures on their efficiency.