Abstract
How to distribute resource locators is a fundamental problem in PKI. Our PKI Resource Query Protocol (PRQP), recently presented at the IETF, provides a standard method to query for PKI resource locators. However, the distribution of locators across PKIs is still an unsolved problem. In this paper, we propose an extension to PRQP that distributes PRQP messages over a Peer-to-Peer (P2P) network. We combine PRQP with Distributed Hash Tables (DHTs) to efficiently distribute content over a dynamic P2P overlay network. In particular, we present the PEACH protocol and a PEACH Enabled System (PEACHES), which are specifically targeted at solving the PKI resource discovery problem. Our work enhances interoperability between existing PKIs and allows for easy configuration of applications, thus improving the usability of PKI technology.
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Pala, M., Smith, S.W. (2008). PEACHES and Peers. In: Mjølsnes, S.F., Mauw, S., Katsikas, S.K. (eds) Public Key Infrastructure. EuroPKI 2008. Lecture Notes in Computer Science, vol 5057. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69485-4_16
DOI: https://doi.org/10.1007/978-3-540-69485-4_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69484-7
Online ISBN: 978-3-540-69485-4
eBook Packages: Computer Science, Computer Science (R0)