Overview of Certification Systems
A newer and summarized version of the paper "Overview of
Certification Systems: X.509, CA, PGP and SKIP" is available in .pdf
and .ps formats at
http://www.mcg.org.br/certover.pdf and
http://www.mcg.org.br/certover.ps
Abstract
Cryptography and certification are considered necessary Internet
features and must be used together, for example in e-commerce. This
work deals with certification issues and reviews the three most
common methods in use today, which are based on X.509 Certificates
and Certification Authorities (CAs), PGP, and SKIP. These methods are
respectively classified as directory, referral and collaborative
based. For two parties in a dialogue the three methods are further
classified as extrinsic, because they depend on references which are
outside the scope of the dialogue. A series of conceptual, legal and
implementation flaws are catalogued for each case, emphasizing X.509
and CAs, which helps to provide users with safety guidelines to be
used when resolving certification issues. Governmental initiatives
introducing Internet regulations on certification, such as by TTP,
are also discussed with their pros and cons regarding security and
privacy. Throughout, the paper stresses the basic paradox of security
versus privacy when dealing with extrinsic certification systems,
whether with X.509 or in combination with PGP. This paper has
benefited from the feedback of the Internet community and its
expanded on-line version has received more than 50,000 Internet
visitors from more than 20,000 unique Internet sites, in 1997/98.
NOTE: The HTML version at cert.htm is still not updated, but it
contains the full original text.
Comments are welcome.
Cheers,
Ed Gerck
______________________________________________________________________
Dr.rer.nat. E. Gerck egerck@novaware.cps.softex.br
http://novaware.cps.softex.br
-- Internet saves trees, WebBoy UMC saves PCs, you save time and money