Publication Type
Conference Proceeding Article
Version
publishedVersion
Publication Date
7-2008
Abstract
Managing public key certificates revocation has long been a central issue in public key infrastructures. Though various certificate revocation mechanisms have been proposed to address this issue, little effort has been devoted to the empirical analysis of real-world certificate revocation data. In this paper, we conduct such an empirical analysis based on a large amount of data collected from VeriSign. Our study enables us to understand how long a revoked certificate lives and what the difference is in the lifetime of revoked certificates by certificate types, geographic locations, and organizations. Our study also provides a solid foundation for future research on optimal management of certificate revocation for different types of certificates requested from different organizations and located in different geographic locations.
Keywords
public key infrastructure, certificate revocation, empirical analysis
Discipline
Information Security
Research Areas
Information Security and Trust
Publication
Data and Applications Security XXII: 22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security London, UK, July 13-16, 2008: Proceedings
Volume
5094
First Page
159
Last Page
174
ISBN
9783540705673
Identifier
10.1007/978-3-540-70567-3_13
Publisher
Springer Verlag
City or Country
London, UK
Citation
WALLECK, Daryl; LI, Yingjiu; and Xu, Shouhuai.
Empirical analysis of certificate revocation lists. (2008). Data and Applications Security XXII: 22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security London, UK, July 13-16, 2008: Proceedings. 5094, 159-174.
Available at: https://ink.library.smu.edu.sg/sis_research/421
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Additional URL
http://doi.org/10.1007/978-3-540-70567-3_13