Abstract:Optimal PKI life cycle management depends directly on the strategy to deal with the update and replacement of CA certificates and CA private keys. To reach optimal strategy, it is necessary to develop methods that the replacement is executed to match the specific needs of each PKI. Only one strategy is defined in RFC 4210, but real PKIs need a variety of different strategies. This paper classifies these strategies and presents the corresponding procedures to replace certificates and private keys.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.