Abstract
Public Key Infrastructures (PKI), as a part of Grid Security Infrastructures (GSI), offers authentication service for Grid entities. In CA inter-operation, aiming at the shortcoming of the existed online certificate status protocol (OCSP) which can only get the certificationpsilas status information whether the certification is revoked, this paper proposes an extended OCSP protocol that can provide trusted status information of certificate to benefit the certificate validation efficiently. A grid environment is built to verify the feasibility and the efficiency of the extended OCSP protocol. The paper deals with the running requirement and the data description of the client and each extended OCSP responder in detail. It describes the processing algorithm of each responder. In order to improve the efficiency of the system, the path length constraint and time constraint of request transmitting are designed specially. Theory and experiments all prove that the extended OCSP system improves the efficiency of certificate verification effectively.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
