Abstract
We briefly consider certificate revocation lists (CRLs), and ask whether they could, and should, be eliminated, in favor of other mechanisms. In most cases, the answer seems to be βyes.β We suggest some possible replacement mechanisms.
Preview
Unable to display preview. Download preview PDF.
References
Carl M. Ellison. SPKI certificate documentation. (See http://www.clark.net/pub/cme/html/spki.html), 1998.
Loren M. Kohnfelder. Towards a practical public-key cryptosystem. B.S. Thesis, supervised by L. Adleman, May 1978.
Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone. Handbook of Applied Cryptography. CRC Press, 1997.
Silvio Micali. Efficient certificate revocation. Technical Report TM-542b, MIT Laboratory for Computer Science, March 22, 1996.
Moni Naor and Kobbi Nissim. Certificate revocation and certificate update. In Proceedings 7th USENIX Security Symposium (San Antonio, Texas), Jan 1998.
Ronald L. Rivest and Butler Lampson. SDSI-a simple distributed security infrastructure. (see SDSI web page at http://theory.lcs.mit.edu/ cis/sdsi.html).
Stuart Stubblebine. Recent-secure authentication: Enforcing revocation in distributed systems. In Proceedings 1995 IEEE Symposium on Research in Security and Privacy, pages 224β234, May 1995. (Oakland).
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
Β© 1998 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Rivest, R.L. (1998). Can we eliminate certificate revocation lists?. In: Hirchfeld, R. (eds) Financial Cryptography. FC 1998. Lecture Notes in Computer Science, vol 1465. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0055482
Download citation
DOI: https://doi.org/10.1007/BFb0055482
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-64951-9
Online ISBN: 978-3-540-53918-6
eBook Packages: Springer Book Archive