Considering the PKI (public key infrastructure) interoperability problem, we bring out a VBCA (virtual bridge certificate authority) model and detail the construction, maintenance and usage of the model. Two basic tools are used: one is the well-exploited threshold signature technique and the other is a data structure that is called DsCert (double signature certificate). Benefit from these tools, one can use the VBCA to bridge two trust points, and then end entities relying on these points can establish trust relationship. A VBCA model is featured by local CA (certificate authority) autonomy, democratic decision, and efficient path processing. This model overcomes the BCA (bridge certificate authority) compromise problem and removes the cross certificates among trust domains.
Weitere Kapitel dieses Buchs durch Wischen aufrufen
- A Virtual Bridge Certificate Authority Model
- Springer Berlin Heidelberg