Incorporação de Certificados SPKI/SDSI ao Protocolo SSL
Abstract
Since 1978, when Kohnfelder introduced the concept of digitals certificates, one originated the false idea that the only function of the digitals certificates is to associate a name to a public key, as it occurs on the X.509 certificates. Rivest, Lampson and Carl Ellisson propose a new infrastructure of public key SPKI/SDSI (Simple Public Key Infrastructure/Simple Distributed Security Infrastructure), where it is introduced the concept of authorization certificates, local space of names and it is banished the role of Certification Authority. We will discuss about the present theory on the SPKI/SDSI certificates and analyse the possible modification to be made in the SSL protocol in order to support these certificatesReferences
Diffie, W., Hellman, M., New Directions in Criptography. IEEE Transactions on Information Theory IT-22, Novembro 1976.
Konhfelder, L. , Towards a Practical public-key cryptosystem, M.I.T. Thesis, Maio 1978.
Ellison, C. M., SPKI Requirements, RFC2692 Fevereiro 1997.
Rivest, R., Lampson, L., SDSI - A Simple Distributed Security Infrastructure, http://theory.lcs.mit.edu/~rivest/sdsi.html, 1996.
Elien, J. , Certificate Discovery Using SPKI/SDSI 2.0 Certificates, M.I.T. Thesis, Maio 1998.
Rivest, R. , Can We Eliminate Certificate Revocation Lists ?, M.I.T 1998.
Ellison, C. M., Establishing identity without certification authorities, 6th USENIX Security Symposium, Julho 1996.
Blaze M., Feigenbaum J., Lacy J., Decentralized Trust Management, IEEE Symposium on Security and Privacy, Maio 1996.
Lampson, B., Abadi M., Burrows M., Wobber E., Authentication in Distributed Systems: Theory and Practice, Novembro 1992.
NCSA, A guide to understanding Discretionary Access Control is Trusted Systems, Novembro 1987.
Ellison, C. M., Rivest, R., Lampson B., Frantz, B., Thomas, B. M., Ylonen T., SPKI Certificate Theory ,RFC2693 Setembro 1996.
Netscape Corporation, SSL 3.0 Specification, http://home.netscape.com/eng/ssl3, Novembro 1996.
Schneier B., Elisson C. , Ten Risks of PKI, http://www.counterpane.com/pki-risks.pdf, Janeiro 2000.
Partanen J., http://www.tml.hut.fi/Research/TeSSA/Old_pages/SPKI/TeSSA-SPKI-alpha1.zip
Universidade de Queensland , Java Crypto and Security Implementation http://security.dstc.edu.au/projects/java/jcsi.html
Maywah, A. J., An Implementation of a Secure Web Client Using SPKI/SDSI Certificates, M.I.T. Thesis, Junho 2000.
Konhfelder, L. , Towards a Practical public-key cryptosystem, M.I.T. Thesis, Maio 1978.
Ellison, C. M., SPKI Requirements, RFC2692 Fevereiro 1997.
Rivest, R., Lampson, L., SDSI - A Simple Distributed Security Infrastructure, http://theory.lcs.mit.edu/~rivest/sdsi.html, 1996.
Elien, J. , Certificate Discovery Using SPKI/SDSI 2.0 Certificates, M.I.T. Thesis, Maio 1998.
Rivest, R. , Can We Eliminate Certificate Revocation Lists ?, M.I.T 1998.
Ellison, C. M., Establishing identity without certification authorities, 6th USENIX Security Symposium, Julho 1996.
Blaze M., Feigenbaum J., Lacy J., Decentralized Trust Management, IEEE Symposium on Security and Privacy, Maio 1996.
Lampson, B., Abadi M., Burrows M., Wobber E., Authentication in Distributed Systems: Theory and Practice, Novembro 1992.
NCSA, A guide to understanding Discretionary Access Control is Trusted Systems, Novembro 1987.
Ellison, C. M., Rivest, R., Lampson B., Frantz, B., Thomas, B. M., Ylonen T., SPKI Certificate Theory ,RFC2693 Setembro 1996.
Netscape Corporation, SSL 3.0 Specification, http://home.netscape.com/eng/ssl3, Novembro 1996.
Schneier B., Elisson C. , Ten Risks of PKI, http://www.counterpane.com/pki-risks.pdf, Janeiro 2000.
Partanen J., http://www.tml.hut.fi/Research/TeSSA/Old_pages/SPKI/TeSSA-SPKI-alpha1.zip
Universidade de Queensland , Java Crypto and Security Implementation http://security.dstc.edu.au/projects/java/jcsi.html
Maywah, A. J., An Implementation of a Secure Web Client Using SPKI/SDSI Certificates, M.I.T. Thesis, Junho 2000.
Published
2001-03-05
How to Cite
SOUZA, Cristian Ferreira de; MATTOS, Luiz Antônio da Frota.
Incorporação de Certificados SPKI/SDSI ao Protocolo SSL. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 1. , 2001, Florianópolis.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2001
.
p. 26-31.
DOI: https://doi.org/10.5753/sbseg.2001.21281.
