首页> 外文会议>European PKI(Public Key Infrastructure) Workshop: Theory and Practice(EuroPKI 2006); 20060619-20; Turin(IT) >Use of a Validation Authority to Provide Risk Management for the PKI Relying Party
【24h】

Use of a Validation Authority to Provide Risk Management for the PKI Relying Party

机译:使用验证机构为PKI依赖方提供风险管理

获取原文
获取原文并翻译 | 示例

摘要

Interoperability between PKIs (Public Key Infrastructure) is a major issue in several electronic commerce scenarios. A Relying Party (RP), in particular in an international setting, should not unduly put restrictions on selection of Certificate Authorities (CA) by its counterparts. Rather, the RP should be able to accept certificates issued by any relevant CA. Such acceptance implies not only the ability to validate certificates, but also an assessment of the risk related to acceptance of a certificate for the purpose at hand. We analyse common PKI trust models with respect to risk management, and argue that an independent, trusted Validation Authority (VA) may be a better approach for this task. A VA as suggested by this paper will also remove the need for complicated certificate path processing.
机译:在多个电子商务场景中,PKI(公共密钥基础结构)之间的互操作性是一个主要问题。依赖方(RP),尤其是在国际环境中,不应过分地限制其对等方选择证书颁发机构(CA)。相反,RP应该能够接受任何相关CA颁发的证书。这种接受不仅意味着验证证书的能力,还意味着对与为达到目的而接受证书有关的风险进行评估。我们分析了有关风险管理的常见PKI信任模型,并认为独立,可信任的验证机构(VA)可能是完成此任务的更好方法。本文建议的VA也将消除对复杂的证书路径处理的需求。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有
  • 客服微信

  • 服务号