Re: CRLs versus short Validity periods

[Bill Stewart <stewarts@ix.netcom.com>]

At 03:48 PM 2/29/96 -0500, you wrote:
>This may be obvious to some folks, but I finally worked out a potential
>performance advantage to not having CRLs.  

>For this purpose, I imagine the following two certs:
[One with 2-day cert lifetime, one with pointer to CRL with 2-day validity]
....
>So, doing a performance comparison between (0) [no CRLs], (a) and (b):
>                       (0)             (a)             (b)
>Network traffic         2 certs         2 certs         1 small; 1 CRL (large)
>Issuer signatures       1 cert          1 response      (fractional)
>Verifier sig checks     1 cert          1 cert; 1 resp  1 cert; 1 CRL
>which tells me that (0) is strictly better than (a) and that
>the comparison between (0) and (b) depends on the relative costs of
>network traffic and Issuer digital signature generation.  If the Issuer
>is really hobbled by doing new signatures and if new entries are
>added to the CRL only very rarely, then (b) might win over (0).
>Otherwise, the extra network load and Verifier CPU load suggests that (0)
>is better than (b).

Incremental CRLs substantially reduce the network traffic required in (b),
though they may occasionally still be large.

Perhaps this isn't really relevant for SPKI, but the way I normally use
systems like PGP and RIPEM is such that I don't need to get certifications
very often, and there's a human in the loop when I get or issue them.
You could automate the certification-generation process, but I consider
certifications to be more sensitive than most data signing or encryption,
and I'm not sure that I'm comfortable with the vulnerability.

---

• Prev by Date: ANSI X9 version of X.509, and Draft Amendment available on request.
• Next by Date: ansi/ccitt doc availability
• Prev by thread: RE: CRLs versus short Validity periods
• Next by thread: the problem of loaning of private keys
• Index(es):
  • Main
  • Thread