
Re: CRLs as wandering anti-matter



> 	If you have dated CRLs, then you have effectively a two-part certificate, 
> each with a date range and therefore the combination has a date range.
> The combination is equivalent to a short-expiry certificate, probably in
> execution time as well as net traffic.
> 
>  - Carl

Actually, short-lived certificates likely involve *less* traffic than
CRLs with an equivalent lifespan.  CRLs move work from the signer to
the verifier.

Let's consider the case of 100 clients, each from 10 different CAs,
each making 10 requests during the short-validity-period to a single
server.  I'm going to be a bit fuzzy about the distinction between CA and
certificate repository here.

Assume mutual authentication is in use.

short-lived certificates:
	
	The server initiates one `transaction' with a CA
		to get its short-lived certificate.

	Each client does one `transaction' with a CA,
	and 10 `transactions' with the server.

	total traffic:
		101 transactions to CAs
		1000 transactions to server.

short-lived CRLs:
	each client does one transaction with a CA for the CRL
		covering the server,
	and does 10 transactions with the server.

	each server does one transaction per unique CA with the
		various CAs to get the CRL covering the client.

	total traffic:
		110 transactions to CAs
		1000 transactions to server.

0) this *assumes* that caching is in place and nothing gets bumped out
of the cache.

1) Note that, in the CRL case, all the additional work is given to the
server.  Given that one maxim for building high-fanout distributed
systems is "move the work to the client", this seems *very* wrong.

2) also note that fetching the CRL covering the client has to happen
while the client is waiting for the server to finish... i.e., this
adds latency, and variability in latency, to transactions, which users
will find very annoying.  Short-lifetime certificates can be requested
asynchronously a short while in advance of when they're needed (e.g.,
shortly before the previous one expires), so they don't necessarily
introduce any additional latency into the system.

						- Bill
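The transaction counts above, as an added worked model that is not part of Bill's message: the two functions below reproduce the 101/1000 and 110/1000 figures for the stated scenario and make the parameters (clients, CAs, requests per client) explicit. The `cache_miss_rate` argument and the "critical path" field are my own assumptions, added to illustrate points 0) and 2) of the message: a CRL that is evicted from the cache must be re-fetched while the peer waits, whereas a short-lived certificate is carried by its owner and renewed asynchronously.

```python
"""Added example: traffic model for short-lived certificates vs. short-lived CRLs.

Counts the 'transactions' Bill tallies in the message (fetches to a CA or
repository, and requests to the server) under mutual authentication.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Traffic:
    ca_transactions: int        # fetches against a CA / certificate repository
    server_transactions: int    # client requests to the server
    critical_path_fetches: int  # CA fetches that happen while a client waits


def short_lived_certs(clients: int, cas: int, requests_per_client: int) -> Traffic:
    """Each party fetches its own short-lived certificate once per validity period.

    The certificate travels inline with every request, so no per-request
    fetch is needed and renewal can be done ahead of time (off the critical path).
    """
    ca_fetches = 1 + clients                      # server once, each client once
    return Traffic(ca_transactions=ca_fetches,
                   server_transactions=clients * requests_per_client,
                   critical_path_fetches=0)


def short_lived_crls(clients: int, cas: int, requests_per_client: int,
                     cache_miss_rate: float = 0.0) -> Traffic:
    """Verifiers fetch the CRL covering the peer's certificate.

    Baseline (perfect cache, as in the message): each client fetches the CRL
    covering the server once; the server fetches one CRL per distinct client CA.

    cache_miss_rate is an assumption added here: the fraction of the
    2 * clients * requests_per_client revocation checks (one per side per
    request) that find no cached CRL and must re-fetch it on the critical path.
    """
    if not 0.0 <= cache_miss_rate <= 1.0:
        raise ValueError("cache_miss_rate must be in [0, 1]")
    baseline = clients + cas
    checks = 2 * clients * requests_per_client
    refetches = round(checks * cache_miss_rate)
    # The server's first fetch for each client CA occurs during a live request,
    # as do all re-fetches caused by cache misses (client side or server side).
    critical = cas + refetches
    return Traffic(ca_transactions=baseline + refetches,
                   server_transactions=clients * requests_per_client,
                   critical_path_fetches=critical)


def compare(clients: int = 100, cas: int = 10, requests_per_client: int = 10,
            cache_miss_rate: float = 0.0) -> dict:
    """Return both schemes side by side for the given parameters."""
    return {
        "short_lived_certs": short_lived_certs(clients, cas, requests_per_client),
        "short_lived_crls": short_lived_crls(clients, cas, requests_per_client,
                                            cache_miss_rate),
    }


if __name__ == "__main__":
    for miss in (0.0, 0.05, 1.0):
        print(f"cache_miss_rate={miss}:")
        for name, t in compare(cache_miss_rate=miss).items():
            print(f"  {name:18s} CA={t.ca_transactions:5d} "
                  f"server={t.server_transactions:5d} "
                  f"on-critical-path={t.critical_path_fetches}")
```

With a perfect cache the model gives exactly the figures in the message (101 vs. 110 CA transactions, 1000 server transactions either way). Raising `cache_miss_rate` leaves the certificate scheme unchanged but grows the CRL scheme's CA traffic, all of it on the critical path of a waiting client, which is the latency point made in 2).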
