A Robust and Efficient Mechanism to Distribute Certificate Revocation Information Using the Grid Monitoring Architecture
Authors | |
---|---|
Year of publication | 2007 |
Type | Article in Proceedings |
Conference | 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW'07), |
MU Faculty or unit | |
Citation | |
web | DOI Bookmark |
Description | Checking revocation information is necessary to prevent from using digital certificates whose contents become in- valid. In current system either periodical retrieval of Cer- tificate Revocation Lists (CRLs) or the Online Certificate Status Protocol (OCSP) are the most common mechanisms to access revocation information issued by the certifica- tion authorities. As both these approaches pose problems we propose a new method based on a Push model, which is based on the Grid Monitoring Architecture. Using this approach we guarantee the revocation information is dis- tributed in a robust and timely manner. We also describe a pilot implementation of the service based on the proposed design. |