Abstract
Authentication of other parties on the Internet using a Public Key Infrastructure (PKI) is still an open area for research. The current authentication method consists of building a certification path connecting a trust anchor and the target, a public key to be validated. All the existing solutions cover the validation of a domain, which could be hierarchical, single, cross-certification or bridge [1], which holds the trust anchor and the target in the same domain of the CA root. Alternatively, the trust anchor and the target are in different domains but there is a link between the domains (cross-certification). This proposal presents a solution for domains that do not have a cross-certificate; therefore these domains could apply the proposed solution to authenticate their targets. In addition, a method for traversing and constructing a path will be presented.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Komar, B.: Troubleshooting Certificate Status and Revocation, p. 64 (2001)
Lloyd, S.: Understanding Certification Path Construction, p. 14 (2002)
Olson, D.: Certificate Authority issues, p. 7 (2001)
Xenitellis, S.: The open-source PKI Book: A guide to PKIs and open-source Implementation (2000)
Union, I.T.: ITU-T RECOMMENDATION X.509 | ISO/IEC 9594-8: INFORMATION TECHNOLOGY - OPEN SYSTEMS INTERCONNECTION - THE DIRECTORY PUBLIC-KEY AND ATTRIBUTE CERTIFICATE FRAMEWORKS, p. 162 (2001)
Alexandre, R., Silva, M.A.S.: Pequi: A PKIX Implementation for Secure Communication. p. 11
SPKI (Simple Public Key Infrastructure), p. 33 (2000)
Commission, T.E.: Guidelines, Methodologies and Standards to set up a CA for Digital Signatures, p. 103
Ltd, D.C., DIRECTORY SERVICES - THE ROLE OF LDAP AND X.500. p. 6
Chokhani, S., Ford, W., Sabett, R., Merrill, C., Wu, S.: Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework, p. 76 (2003)
Arsenault, A., Turner, S.: Internet X.509 Public Key Infrastructure: Roadmap, p. 57 (2002)
Elley, Y., Anderson, A., Hanna, S., Mullan, S., Perlman, R., Proctor, S.: Building Certification Paths: Forward vs. Reverse. p. 8
Zhanna Reznikova, B.R.: USING INFORMATION THEORY APPROACH TO STUDY THE COMMUNICATION SYSTEM AND NUMERICAL COMPETENCE IN ANTS. p. 8
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Batarfi, O. (2003). Certificate Validation in Untrusted Domains. In: Meersman, R., Tari, Z. (eds) On The Move to Meaningful Internet Systems 2003: OTM 2003 Workshops. OTM 2003. Lecture Notes in Computer Science, vol 2889. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39962-9_101
Download citation
DOI: https://doi.org/10.1007/978-3-540-39962-9_101
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20494-7
Online ISBN: 978-3-540-39962-9
eBook Packages: Springer Book Archive