Skip to main content

How Can I Trust an X.509 Certificate? An Analysis of the Existing Trust Approaches

Wazan, Ahmad Samer and Laborde, Romain and Chadwick, David W. and Barrere, Francois and Benzekri, Abdelmalek (2016) How Can I Trust an X.509 Certificate? An Analysis of the Existing Trust Approaches. In: 2016 IEEE 41st Conference on Local Computer Networks (LCN). IEEE, pp. 531-534. ISBN 978-1-5090-2055-3. E-ISBN 978-1-5090-2054-6. (doi:10.1109/LCN.2016.85)

PDF - Author's Accepted Manuscript
Download (297kB) Preview
[img]
Preview
Official URL
http://dx.doi.org/10.1109/LCN.2016.85

Abstract

A Public Key Infrastructure (PKI) is based on a trust model defined by the original X.509 standard and is composed of three entities: the Certification Authority, the certificate holder (subject) and the Relying Party. The CA plays the role of a trusted third party between the subject and the RP. A trust evaluation problem is raised when an RP receives a certificate from an unknown subject that is signed by an unknown CA. Different approaches have been proposed to handle this trust problem. We argue that these approaches work only in the closed deployment model where RPs are also subjects, but cannot work in the open deployment model where they are not. Our objective is to identify the deficiencies in the existing trust approaches that try to help RPs to make trust decisions about certificates in the Internet, and to introduce the new X.509 approach based on a trust broker.

Item Type: Book section
DOI/Identification number: 10.1109/LCN.2016.85
Uncontrolled keywords: topology; certification; law; logic gates; standards; interoperability
Subjects: Q Science
T Technology
Divisions: Faculties > Sciences > School of Computing > Security Group
Depositing User: David Chadwick
Date Deposited: 07 Aug 2017 13:28 UTC
Last Modified: 26 Sep 2019 08:51 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/62570 (The current URI for this page, for reference purposes)
Chadwick, David W.: https://orcid.org/0000-0003-3145-055X
  • Depositors only (login required):

Downloads

Downloads per month over past year