Skip to main content

Modifying LDAP to Support PKIs

Chadwick, David W. and Sahalayev, M. and Ball, E. (2003) Modifying LDAP to Support PKIs. In: Data and Applications Security XVII Status and Prospects. IFIP - The International Federation for Information Processing, 142 . Springer, Boston, Massachusetts, USA, pp. 205-214. ISBN 978-1-4020-8069-2. E-ISBN 978-1-4020-8070-8. (doi:10.1007/1-4020-8070-0_15) (The full text of this publication is not currently available from this repository. You may be able to access a copy if URLs are provided)

The full text of this publication is not currently available from this repository. You may be able to access a copy if URLs are provided. (Contact us about this Publication)
Official URL
http://dx.doi.org/10.1007/1-4020-8070-0_15

Abstract

One of the impediments to a successful roll out of public key infrastructures (PKIs), is that Lightweight Directory Access Protocol (LDAP) directories do not fully support PKIs. In particular, it is not possible to search for X.509 attributes (certificates or CRLs) that match user defined criteria. This paper describes the various approaches that have been suggested for enabling users to search for X.509 attributes, namely component matching and attribute extraction. The implementation of attribute extraction in the OpenLDAP product is then described.

Item Type: Book section
DOI/Identification number: 10.1007/1-4020-8070-0_15
Uncontrolled keywords: X.509; public key certificates; attribute certificates; CRLs; PKI; LDAP; Search
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming,
Divisions: Faculties > Sciences > School of Computing > Security Group
Depositing User: Mark Wheadon
Date Deposited: 24 Nov 2008 18:00 UTC
Last Modified: 23 Jan 2020 04:02 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/13935 (The current URI for this page, for reference purposes)
Chadwick, David W.: https://orcid.org/0000-0003-3145-055X
  • Depositors only (login required):