This Article 
 Bibliographic References 
 Add to: 
Not Reinventing PKI until We Have Something Better
September/October 2011 (vol. 15 no. 5)
pp. 95-98
Stephen Farrell, Trinity College Dublin

Although X.509-based PKI has some well-known problems, they're being, or can be, addressed. In the past, those problems led to proposals for reinventing PKI based on other technologies. However, none of the proposals provided sufficient additional benefit to gain broad adoption. While there are reasons to change and evolve X.509-based PKI, for the present there are no compelling reasons to reinvent the technology.

1. D. Cooper et al., Internet X.509 Public-Key Infrastructure Certificate and Cer-tificate Revocation List (CRL) Profile, IETF RFC 5280, May 2008;
2. P. Hallam-Baker, "The Recent RA Com-promise," blog, 23 Mar. 2011, the-recent-ra-compromise/.
3. J. Callas et al., OpenPGP Message Format, IETF RFC 4880, Nov. 2007;
4. C. Ellison et al., SPKI Certificate Theory, IETF RFC 2693, Sept. 1999;
5. P. Hallam-Baker and S. Mysore, XML Key Management Specification (XKMS 2.0), W3C recommendation, June 2005;
6. R. Arends et al., DNS Security Introduction and Requirements, IEFT RFC 4033, Mar. 2005;

Index Terms:
PKI, reinvention, X.509, Internet security
Stephen Farrell, "Not Reinventing PKI until We Have Something Better," IEEE Internet Computing, vol. 15, no. 5, pp. 95-98, Sept.-Oct. 2011, doi:10.1109/MIC.2011.120
Usage of this product signifies your acceptance of the Terms of Use.