본문 바로가기
  • Home

A Study on Efficient CRI managing for Certificate Status Validate in Distributed OCSP

  • Journal of The Korea Society of Computer and Information
  • Abbr : JKSCI
  • 2008, 13(3), pp.91-98
  • Publisher : The Korean Society Of Computer And Information
  • Research Area : Engineering > Computer Science

김경자 1 장태무 2

1세종대학교
2동국대학교

Accredited

ABSTRACT

The conventional CA(Certificate Authority) has problems in dealing with certificates whose valid time is expired and in managing CRI(Certificate Revocation Information) produced by clients. Many researches are conducted to solve them, but they have limitations in providing real-time verifications of certificates’ status for clients. In this paper, we propose a new CRI management model to address these limitations in distributed OCSP(On-line Certificate Status Protocol) environments. CRL(Certificate Revocation List) is divided into two parts: one part that is recent is replicated over several OCSP servers, the other part is replicated and distributed over servers. Our methods can help to break the bottleneck of CA, and effectively reduce the size of CRL transferred. Therefore, with our methods, clients can verify the state of certificates in real time.

Citation status

* References for papers published after 2022 are currently being built.