|
|
计算机应用研究 2004
Analysis and Design of Certificate Revocation Mechanism
|
Abstract:
Certificate revocation is the most costly aspect of running a large scale PKI.This paper analyzes several different certificate revocation mechanisms,compares CRL,Delta-CRL,Segment CRL and Over-issued CRL in peak request rate,peak bandwidth and user query cost and discusses their disadvantages and merits.Finally,certificate revocation systems are presented based on vary PKI scale.
