Dartmouth College Computer Science Technical Report series
Abstract:
The trustworthiness of any Public Key Infrastructure (PKI) rests upon the expectations for trust, and the degree to which those expectations are met. Policies, whether implicit as in PGP and SDSI/SPKI or explicitly required as in X.509, document expectations for trust in a PKI. The widespread use of X.509 in the context of global e-Science infrastructures, financial institutions, and the U.S. Federal government demands efficient, transparent, and reproducible policy decisions. Since current manual processes fall short of these goals, we designed, built, and tested computational tools to process the citation schemes of X.509 certificate policies defined in RFC 2527 and RFC 3647. Our PKI Policy Repository, PolicyBuilder, and PolicyReporter improve the consistency of certificate policy operations as actually practiced in compliance audits, grid accreditation, and policy mapping for bridging PKIs. Anecdotal and experimental evaluation of our tools on real-world tasks establishes their actual utility and suggests how machine-actionable policy might empower individuals to make informed trust decisions in the future.
Bibliographic citation for this report:
Gabriel A. Weaver, Scott Rea, and Sean W. Smith, "A Computational Framework for Certificate Policy Operations." Dartmouth Computer Science Technical Report TR2009-650, June 2009.