{"title":"通过客户机-服务器架构和证书路径和存储库地址的动态传播简化PKI的使用","authors":"Brian Hunter","doi":"10.1109/DEXA.2002.1045948","DOIUrl":null,"url":null,"abstract":"PKI deployment and use has not met its expectations. One reason that PKIX has not been fully accepted is due to the complexity of the system. Any application wishing to use PKI must implement complicated logic for certificate parsing, certificate path building and policy management. Certificate path building, in particular, is further complicated by the non-standardized method of certificate discovery and retrieval. Thus, many applications do not utilize or cannot utilize public key technology. We propose a new PKI server which offers access to PKI services and only requires a simple client API and a small client library that enables even resource-limited clients to be supported. This can greatly reduce application development time and complexity and allow PKI usage to propagate into more applications. Furthermore, we introduce the concept of a PKI server-to-server protocol which allows knowledge of certificate repositories and certificate paths to be shared among different PKI Servers. This technique will simplify the task of certificate retrieval and path building for individual PKI Servers.","PeriodicalId":254550,"journal":{"name":"Proceedings. 13th International Workshop on Database and Expert Systems Applications","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2002-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"Simplifying PKI usage through a client-server architecture and dynamic propagation of certificate paths and repository addresses\",\"authors\":\"Brian Hunter\",\"doi\":\"10.1109/DEXA.2002.1045948\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"PKI deployment and use has not met its expectations. One reason that PKIX has not been fully accepted is due to the complexity of the system. Any application wishing to use PKI must implement complicated logic for certificate parsing, certificate path building and policy management. Certificate path building, in particular, is further complicated by the non-standardized method of certificate discovery and retrieval. Thus, many applications do not utilize or cannot utilize public key technology. We propose a new PKI server which offers access to PKI services and only requires a simple client API and a small client library that enables even resource-limited clients to be supported. This can greatly reduce application development time and complexity and allow PKI usage to propagate into more applications. Furthermore, we introduce the concept of a PKI server-to-server protocol which allows knowledge of certificate repositories and certificate paths to be shared among different PKI Servers. This technique will simplify the task of certificate retrieval and path building for individual PKI Servers.\",\"PeriodicalId\":254550,\"journal\":{\"name\":\"Proceedings. 13th International Workshop on Database and Expert Systems Applications\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2002-09-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings. 13th International Workshop on Database and Expert Systems Applications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/DEXA.2002.1045948\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. 13th International Workshop on Database and Expert Systems Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DEXA.2002.1045948","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Simplifying PKI usage through a client-server architecture and dynamic propagation of certificate paths and repository addresses
PKI deployment and use has not met its expectations. One reason that PKIX has not been fully accepted is due to the complexity of the system. Any application wishing to use PKI must implement complicated logic for certificate parsing, certificate path building and policy management. Certificate path building, in particular, is further complicated by the non-standardized method of certificate discovery and retrieval. Thus, many applications do not utilize or cannot utilize public key technology. We propose a new PKI server which offers access to PKI services and only requires a simple client API and a small client library that enables even resource-limited clients to be supported. This can greatly reduce application development time and complexity and allow PKI usage to propagate into more applications. Furthermore, we introduce the concept of a PKI server-to-server protocol which allows knowledge of certificate repositories and certificate paths to be shared among different PKI Servers. This technique will simplify the task of certificate retrieval and path building for individual PKI Servers.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
