Abstract
Abstract Typical Public Key Infrastructure (Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework, IETF Network Working Group, RFC 2527, 1999) includes a Certification Authority (CA) and several Registration Authorities (RA). In this report we present our solution for building the CA. Our goal was to make it secure, robust and as automated as possible. In our solution the message exchange between CAs and RAs uses signed e-mail. Supported features include issuing and revocation of certificates, information services and certificate renewal. All operations requiring a private key of the CA are held on the separate offline signing host and are fully controlled by an operator, making the CA attack proof.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: Nuclear Instruments and Methods in Physics Research Section A: Accelerators, Spectrometers, Detectors and Associated Equipment
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
