PKI 6/9

• Approaches to provide status information:

  • Certificate Revocation Lists (CRLs)
  • Delta-CRLs
  • Online Certificate Status Protocol (OCSP)
  • Certificate Revocation System (CRS)
  • Certificate Revocation Trees (CRTs)
  • ...

• Unfortunately, the possibility to revoke certificates makes it necessary to operate online components (e.g., OCSP servers)

• Furthermore, the possibility to suspend certificates makes things even more complicate

Previous slide

Next slide

Back to first slide

View graphic version