Cryptography Reference
In-Depth Information
distribution of certificates. As with PKI itself, there is no single standard.
Perhaps the most popular is the X.500 series, which is the ISO/ITU-T array of
standards with specifications in [127], and is, in fact, the underlying structure in
which the X.509 certificate originated. Proprietary directories based on X.500
include
Microsoft Exchange
, for instance. The X.500 series has standardized
protocols for obtaining data structures, thus allowing any PKI to have access
via a mechanism called a
schema
for the storage of certificates and CRL data
structures in a given entity's directory entry.
Certificate Revocation
Suppose that Alice's private key has been compromised, which means the
corresponding public key can no longer be used for Alice. The process for
alerting the rest of the network of users is
certificate-revocation checking
.We
can now invoke the earlier analogy in terms of a driver's license. A police o7cer,
upon checking a driver's license, not only verifies the date on the license, but
also calls some central police authority to confirm that the license has not been
revoked.
Certificate revocation
means marking the certificate as revoked by
the CA and placing it in a CRL. CAs issue periodic CRLs to ensure relying
parties that the most recent CRL is current, so even if there are no changes,
a CRL is issued on time according to the schedule. Also, some certificates are
cross-certified between the CAs themselves. To revoke these certificates, we
need a separate
authority revocation list
(ARL), which plays the role of CRLs.
However, revoking the PKC of a CA is rare and usually occurs when the CAs
private key is compromised.
The X.509 Version 2 standard for CRLs, as with the Version 3 certificates,
discussed earlier, has extension fields to make the CA's jobof revocation easier.
They are:
1.
Reason code
, namely, a specification of the reason for the revocation.
2.
Hold instruction code
, which is a mechanism to temporarily suspend a
certificate, and contains an
object identifier
(OID), which stipulates the
action to be taken if this field is filled.
3.
Certificate issuers
, which has the identity of the certificate issuer.
4.
Invalidity date
, which contains the date and time of the known or suspected
compromise.
There is an alternative online mechanism for certificate revocation, the most
popular being the
Online Certificate Status Protocol
(OCSP), documented in
[176] with HTTP being the most common practical mechanism (see page 219).
This is a challenge-response protocol offering a mechanism for online revocation
of data from a trusted authority, called an
OCSP responder
. However, as a mere
protocol, it does not have the capacity to store revocation data, so the OCSP
responder must obtain information from some other source. Thus, latency is
involved with its use. Moreover, it is limited to the supplying of information
Search WWH ::
Custom Search