We present a simple yet clever extension to the delta certificate revocation list(CRL) [1], the augmented certificate revocation list (ACRL). ACRLs contain revocation updates only and certificate verifiers construct complete CRLs locally. Locally constructed complete CRLs are identical to complete CRLs issued by the CRL issuer. So certificate verifiers need not download complete CRLs. ACRLs are much smaller in size compared to complete CRLs providing significant network savings. Contrary to existing opinion - that CRLs cannot provide efficient online certificate status - we present an ACRL based online certificate status scheme which has many advantages over OCSP [2]. ACRLs are backward compatible and can easily be integrated into existing X.509 CRL based schemes. © Springer-Verlag Berlin Heidelberg 2006.
CITATION STYLE
Lakshminarayanan, A., & Lim, T. L. (2006). Augmented certificate revocation lists. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4058 LNCS, pp. 87–98). Springer Verlag. https://doi.org/10.1007/11780656_8
Mendeley helps you to discover research relevant for your work.