Title :
Public-key infrastructure interoperation
Author_Institution :
One Alewife Center, VeriSign Inc., Cambridge. MA, USA
Abstract :
Certification authorities are now a reality. Commercial products enable an organization to be its own private certification authority. Certification service out-sourcers provide a more painless way to achieve the same end. Public certification service providers offer services that bind individuals or organizations together into communities. However, for certain purposes, the drive persists to link these infrastructures into ever-larger communities of interoperating infrastructures. In particular, the market demand for certificate-based single sign-on capabilities and the dream of the global Internet secure electronic mail community fuel this drive. This paper explores some major issues in achieving such interoperation, including the meaning of the cross-certification concept; the trust dilution problem; and the security, policy, and practices measures that are needed to achieve the trust needed to make such large-scale interoperation possible
Keywords :
Internet; certification; electronic mail; security of data; certification authorities; cross-certification; global Internet secure electronic mail; interoperating infrastructures; large-scale interoperation; out-sourcers; private certification authority; public certification service; public-key infrastructure; security; single sign-on capabilities; trust dilution; Authentication; Certification; Costs; Digital signatures; Electronic mail; Fuels; Internet; Large-scale systems; Public key; Public key cryptography;
Conference_Titel :
Aerospace Conference, 1998 IEEE
Conference_Location :
Snowmass at Aspen, CO
Print_ISBN :
0-7803-4311-5
DOI :
10.1109/AERO.1998.682203
