Title

Empirical Analysis of Certificate Revocation Lists

Publication Type

Conference Proceeding Article

Publication Date

7-2008

Abstract

Managing public key certificates revocation has long been a central issue in public key infrastructures. Though various certificate revocation mechanisms have been proposed to address this issue, little effort has been devoted to the empirical analysis of real-world certificate revocation data. In this paper, we conduct such an empirical analysis based on a large amount of data collected from VeriSign. Our study enables us to understand how long a revoked certificate lives and what the difference is in the lifetime of revoked certificates by certificate types, geographic locations, and organizations. Our study also provides a solid foundation for future research on optimal management of certificate revocation for different types of certificates requested from different organizations and located in different geographic locations.

Keywords

public key infrastructure, certificate revocation, empirical analysis

Discipline

Information Security

Research Areas

Information Security and Trust

Publication

Data and Applications Security XXII: 22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security London, UK, July 13-16, 2008: Proceedings

Volume

5094

First Page

159

Last Page

174

ISBN

9783540705673

Identifier

10.1007/978-3-540-70567-3_13

Publisher

Springer Verlag

City or Country

London, UK

Additional URL

http://dx.doi.org/10.1007/978-3-540-70567-3_13