Security

Implementing an SPKI Certificate Repository Within the DNS

Free registration required

Executive Summary

Authorization certificates can be used to grant access rights from the owner of a resource to other entities and then to further share these rights with others using delegation. However, when access decisions are made, the delegated rights will not be acknowledged unless all the certificates iii the delegation chain are available for verification. In this paper the authors discuss some options for having the necessary certificates available when needed, talk about a proposed solution of storing part of the chain in the DNS, and describe the implementation of DNS based SPKI certificate repository.

  • Format: PDF
  • Size: 254.54 KB