Abstract
One of the highly sensitive problems that need careful consideration when employing public-key technology in IT systems is the validation of the digital certificates used. In particular, one of the steps that must be performed is checking the revocation status of the certificate. With real-time revocation checking, a PKI-enabled system that needs to validate a certificate executes an on-line transaction with a specialized server - designated by a certification authority to provide signed responses containing certificate status information. At the end of the transaction, an indication of the current revocation status of the certificate is returned. This paper presents the implementation of a system providing online certificate status service to end entities and proposes a simple OCSP (on-line certificate status protocol) client API which can be easily integrated into PKI-aware applications with the aim of performing on-line revocation-checking. Finally, the implementation's performance was measured and the acquired results are presented and analyzed.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
