Abstract
Public-Key Infrastructures are considered the basis of the protocols and tools needed to guarantee the security demanded for new Internet applications like electronic commerce, government-citizen relationships and digital distribution. This paper introduces a new infrastructure design, Cert’eM, a key management and certification system that is based on the structure of the electronic mail service and on the principle of near-certification. Cert’eM provides secure means to identify users and distribute their public-key certificates, enhances the efficiency of revocation procedures, and avoids scalability and synchronization problems. The system, developed and tested at the University of Malaga, was recently selected by RedIRIS, the National Research and Academic Network in Spain, to provide the public key service for its secure electronic mail.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
U.K. Department of Trade and Industry, “Building Confidence in Electronic Commerce-A Consultation Document”, March 1999.
J. Kohl, “The Use of Encryption in Kerberos for Network Authentication”, Advances in Cryptology, Proceedings of CRYPTO’ 89, Springer-Verlag, 1989, pp. 35–43.
J. Kohl, B. Neuman, “The Kerberos Network Authentication Service (V5)”, RFC 1510, 1993. http://www.ietf.org/rfc/rfc1510.txt
D. Davis, “Kerberos Plus RSA for World Wide Web Security”, First USENIX Workshop on Electronic Commerce, 1995, pp. 185–188.
R. Ganesan, “Yaksha: Augmenting Kerberos with Public Key Cryptography”, Internet Society Symposium on Network and Distributed Systems Security, IEEE Press, 1995, pp. 132–143.
J. Schiller, D. Atkins, “Scaling the Web of Trust: Combining Kerberos and PGP to Provide Large Scale Authentication”, USENIX Technical Conference, 1995.
W. Diffie, M. Hellman, “New Directions in Cryptography”. IEEE Transactions on Information Theory, IT-22, n. 6. 1976, pp. 644–654.
International Telecommunication Union, Itu-t Recommendation X.509. Information Technology-Open Systems Interconnection-The Directory: Authentication Framework, 1997.
C. Ellison, “SPKI Requirements”, Internet draft, May 1999. http://www.ietf.org/internet-drafts/draft-ietf-spki-cert-req-03.txt
C. Ellison, W. Frantz, B. Lampson, R. Rivest, B. Thomas, T. Ylonen, “SPKI Certificate Theory”, Internet draft, June 1999. http://www.ietf.org/internet-drafts/draft-ietf-spki-cert-theory-05.txt
D. Eastlake, “Domain Name System Security Extensions”, RFC 2535, March 1999. http://www.ietf.org/rfc/rfc2535.txt
D. Eastlake, O. Gudmundsson, “Storing Certificates in the Domain Name System (DNS)”, RFC 2538, March 1999. http://www.ietf.org/rfc/rfc2538.txt
European Commission, “Proposal for a European Parliament and Council Directive on a Common Framework for Electronic Signatures”, COM(1998) 297 final, 1998. http://www.ispo.cec.be/eif/policy/com98297.html
R. Rivest, “Can we Eliminate Revocation Lists?”, Proceedings of the Second International Conference on Financial Cryptography, FC’ 98, Springer-Verlag, 1998.
C. Adams, M. Myers, A. Malpani, R. Ankney, S. Galperin, “X.509 Internet Public Key Infrastructure Online Certificate Status Protocol-OCSP”, Internet draft, April 1999. http://www.ietf.org/internet-drafts/draft-ietf-pkix-ocsp-08.txt
B. Wright, “Making Numbers Ceremonial: Signing Tax Returns with Personal Identification Numbers”, personal communication, 1998.
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lopez, J., Mana, A., Ortega, J.J. (1999). Cert’eM: Certification System Based on Electronic Mail Service Structure. In: Secure Networking — CQRE [Secure] ’ 99. CQRE 1999. Lecture Notes in Computer Science, vol 1740. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-46701-7_9
Download citation
DOI: https://doi.org/10.1007/3-540-46701-7_9
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66800-8
Online ISBN: 978-3-540-46701-4
eBook Packages: Springer Book Archive