Certificate revocation: Mechanics and meaning

  • Conference paper
  • Book: Financial Cryptography (FC 1998)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 1465)

Abstract

Revocation of public key certificates is controversial in every aspect: methodology, mechanics, and even meaning. This isn't so surprising, though, when considered in the context of current public key infrastructure (PKI) implementations. PKIs are still immature; consumers, including application developers and end-users, are just beginning to understand the implications of large-scale, heterogeneous PKIs, let alone PKI subtleties such as revocation. In this paper, which is the product of a panel discussion at Financial Cryptography '98, we illustrate some of the semantic meanings possible with current certificate revocation technology and their impact on the process of determining trust relationships among public keys in the PKI. Further, we postulate that real-world financial applications provide analogous and appropriate models for certificate revocation.

The opinions expressed in this paper are those of the authors and are not necessarily those of Microsoft Corporation.

Editor information

Rafael Hirchfeld

Copyright information

© 1998 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Fox, B., LaMacchia, B. (1998). Certificate revocation: Mechanics and meaning. In: Hirchfeld, R. (eds) Financial Cryptography. FC 1998. Lecture Notes in Computer Science, vol 1465. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0055479

  • DOI: https://doi.org/10.1007/BFb0055479

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-64951-9

  • Online ISBN: 978-3-540-53918-6

  • eBook Packages: Springer Book Archive
