Not Reinventing PKI until We Have Something Better

Stephen Farrell

doi:10.1109/MIC.2011.120

Internet Computing
2011
Issue No. 5 - September/October
Abstract - Not Reinventing PKI until We Have Something Better

	This Article
	Subscribers, please Login Purchase article: $19 PDF HTML RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Stephen Farrell

Not Reinventing PKI until We Have Something Better

September/October 2011 (vol. 15 no. 5)

pp. 95-98

	ASCII Text	x
	Stephen Farrell, "Not Reinventing PKI until We Have Something Better," IEEE Internet Computing, vol. 15, no. 5, pp. 95-98, September/October, 2011.

	BibTex	x
	@article{ 10.1109/MIC.2011.120, author = {Stephen Farrell}, title = {Not Reinventing PKI until We Have Something Better}, journal ={IEEE Internet Computing}, volume = {15}, number = {5}, issn = {1089-7801}, year = {2011}, pages = {95-98}, doi = {http://doi.ieeecomputersociety.org/10.1109/MIC.2011.120}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - MGZN JO - IEEE Internet Computing TI - Not Reinventing PKI until We Have Something Better IS - 5 SN - 1089-7801 SP95 EP98 EPD - 95-98 A1 - Stephen Farrell, PY - 2011 KW - PKI KW - reinvention KW - X.509 KW - Internet security VL - 15 JA - IEEE Internet Computing ER -

Stephen Farrell, Trinity College Dublin

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MIC.2011.120

Although X.509-based PKI has some well-known problems, they're being, or can be, addressed. In the past, those problems led to proposals for reinventing PKI based on other technologies. However, none of the proposals provided sufficient additional benefit to gain broad adoption. While there are reasons to change and evolve X.509-based PKI, for the present there are no compelling reasons to reinvent the technology.

1. D. Cooper et al., Internet X.509 Public-Key Infrastructure Certificate and Cer-tificate Revocation List (CRL) Profile, IETF RFC 5280, May 2008; www.ietf.org/rfcrfc5280.txt.
2. P. Hallam-Baker, "The Recent RA Com-promise," blog, 23 Mar. 2011, http://blogs.comodo.com/it-security/data-security the-recent-ra-compromise/.
3. J. Callas et al., OpenPGP Message Format, IETF RFC 4880, Nov. 2007; www.ietf.org/rfcrfc4880.txt.
4. C. Ellison et al., SPKI Certificate Theory, IETF RFC 2693, Sept. 1999; www.ietf.org/rfcrfc2693.txt.
5. P. Hallam-Baker and S. Mysore, XML Key Management Specification (XKMS 2.0), W3C recommendation, June 2005; www.w3.org/TRxkms2/.
6. R. Arends et al., DNS Security Introduction and Requirements, IEFT RFC 4033, Mar. 2005; www.ietf.org/rfcrfc4033.txt.

Index Terms:

PKI, reinvention, X.509, Internet security

Citation:

Stephen Farrell, "Not Reinventing PKI until We Have Something Better," IEEE Internet Computing, vol. 15, no. 5, pp. 95-98, Sept.-Oct. 2011, doi:10.1109/MIC.2011.120

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.