|
|
|
Ellison explores methods of binding an identity to a public key without using certificates [327].
The Internet Security Association and Key Management Protocol [666] deals with key exchange and authentication on the Internet. Several key exchange protocols are based on classical cryptosystems [163, 768]. Protocols based on public key methods abound (see, for example, [764, 790, 991, 1056]).
Several papers discuss issues in public key infrastructure, including interoperation [501, 502, 852], organization [623, 644], requirements [40, 853], and models [232, 800]. Park and Sandhu [796] have proposed extensions for X.509v3 certificates. Adams and Lloyd [7] discuss many aspects of public key infrastructures.
Several key escrow schemes explore different ways to control access. Burmester et al. [162] present a protocol with a limited time span. Several authors discuss the nontechnical aspects of the proposed U.S. key escrow system (for example, see [704, 886, 961]). Clark [197] and Walker et al. [1032] discuss the relationship between key recovery and key escrow. Others have proposed enhancements and extensions of various Internet protocols for key recovery [57, 660, 890].
Digital signature protocols abound. One standard, the DSS [747], uses a variant of El Gamal; Rivest and others have criticized some of its features [843]. Others, especially those associated with the ITU's X.500 series of recommendations, recommend (but do not require) RSA. Grant's book [416] discusses digital signatures in general and presents many case studies.
The electronic commerce protocol SET [904, 905, 906] uses dual digital signatures to tie components of messages together in such a way that neither the messages nor their association can be repudiated. Ford and Baum [365] discuss SET and the supporting infrastructure. Ghosh [389] provides a balanced view of the dangers of Internet commerce using the Web.
|
|
|
| Top |