Revocation in WebPKI

Jul 30, 2014

50 likes | 163 Views

Revocation in WebPKI. Phill Hallam -Baker Comodo. Standards intersection. PKIX. OTHER. PKIX but not RFC5280. Semantics of Revocation Reasons Says what tag to use Not what tag means or when to use it [X.509 spec has definitions]. Servers. Is OCSP stapling supported?

Share Presentation

Embed Code

Link

supported revocation checking mechanisms
ocsp responses
apache
user experience
ocsp stapling
certificate status invalid

kanoa

Download Presentation

Revocation in WebPKI

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

Revocation in WebPKI PhillHallam-Baker Comodo
Standards intersection PKIX OTHER
PKIX but not RFC5280 • Semantics of Revocation Reasons • Says what tag to use • Not what tag means or when to use it • [X.509 spec has definitions]
Servers • Is OCSP stapling supported? • Yes (Apache, IIS, LiteSpeed, ngnix) • [Is OCSP stapling on by default?] • [Does server check cert status regularly?] • [Are frequent certificate updates supported?]
Clients • Supported Revocation Checking Mechanisms • CRL / OCSP? • User Experience for Certificate Status Invalid? • User Experience for Certificate Status Valid? • What sources are trusted to sign CRLs or OCSP responses? • Does this vary for DV/EV?

DRM & Key Revocation

DRM & Key Revocation. By David Coleman. DRM & Key Revocation. Digital Rights Management – A system for controlling the use of content Key Revocation – The ability for content producers to “revoke” the ability of a given device/player to consume the content Important because…

300 views • 9 slides

Revocation by Physical Act

Revocation by Physical Act. Requirements to Revoke by Physical Act. 1. Mental Capacity. Requirements to Revoke by Physical Act. 2. Revocation Intent. Requirements to Revoke by Physical Act. 3 . Physical Act -- § 63 “destroying or canceling” By testator, or

343 views • 10 slides

Acceptance & Revocation (cont)

Acceptance & Revocation (cont). Tai Wah case (271) – lawyers and litigants sometimes are TOO creative. Buyer held 2 nd shipment of allegedly defective goods as security (leverage) to convince Seller to cure allegedly defective first shipment. Buyer lost under UCC? Why?. Basselen case (272).

511 views • 35 slides

LICENSE REVOCATION PROCESS

LICENSE REVOCATION PROCESS . Working with your Attorney Patrick C. Davidson, Esq . The Process . Schedule and Meet Early Create and Update Timeline Prepare for Hearing or Council Meeting Litigation Concerns. Schedule and Meet Early in the Process.

303 views • 14 slides

Will Revocation

Will Revocation. Revocation by Operation of Law. Types. 1. Ademption. Types. 1. Ademption 2. Divorce. Types. 1. Ademption 2. Divorce 3. Lapse. Types. 1. Ademption 2. Divorce 3. Lapse 4. Failure to survive by 120 hours. Types. 1. Ademption 2. Divorce 3. Lapse

530 views • 41 slides

Cancellation, Revocation, and Suspension

Cancellation, Revocation, and Suspension. License Responsibility. As a license holder, you are responsible for obeying all traffic laws. If you choose not to follow laws, your license can be taken away from you for a period of time and even permanently taken away.

278 views • 9 slides

Will Revocation

By Operation of Law By Physical Act By Subsequent Writing. Will Revocation. Revocation by Operation of Law. Types. 1. Ademption. Types. 1. Ademption 2. Divorce. Types. 1. Ademption 2. Divorce 3. Lapse. Types. 1. Ademption 2. Divorce 3. Lapse

243 views • 9 slides

Revocation by Subsequent Writing

Revocation by Subsequent Writing. Types of revocation writings. 1. Will. Types of revocation writings. 2. Codicil. Types of revocation writings. 3. Declaration in writing with will formalities. 9/19/2013 I revoke my Will. Tess Tater. Methods of revocation by subsequent writing.

193 views • 7 slides

Conditional Revocation

Conditional Revocation. 1. Express conditional revocation. “I revoke my will if [condition] occurs.”. 2. Implied conditional revocation (Dependent Relative Revocation). Fact Pattern: 1. Testator executed valid Will 1. 2. Testator validly revoked Will 1.

190 views • 3 slides

Restricted Delegation and Revocation in Language-Based Security

Restricted Delegation and Revocation in Language-Based Security. Mohammad Mousavi TU/Eindhoven École Polytechnique , May 2010. (Based on joint work with Doaa Hassan and Michel Reniers ). Outline. Motivation Language-Based Security: General Notions Extension to Delegation and Revocation

409 views • 28 slides

Accumulators and U-Prove Revocation

Accumulators and U-Prove Revocation. Tolga Acar , Intel Sherman S.M. Chow , The Chinese University of Hong Kong Lan Nguyen , XCG – Microsoft Research. Outline. Accumulators Definitions and Security Anonymous Revocation New scheme U-Prove Overview Revocation methods

459 views • 22 slides

Revocation by Operation of Law

Revocation by Operation of Law. Types. 1. Ademption. Types. 1. Ademption 2. Divorce. Types. 1. Ademption 2. Divorce 3. Lapse. Types. 1. Ademption 2. Divorce 3. Lapse 4. Failure to survive by 120 hours. Types. 1. Ademption 2. Divorce 3. Lapse

164 views • 8 slides

Revocation by Subsequent Writing

Revocation by Subsequent Writing. Types of revocation writings. 1. Will. Types of revocation writings. 2. Codicil. Types of revocation writings. 3. Declaration in writing with will formalities. Methods of revocation by subsequent writing. 1. Express Revocation.

208 views • 7 slides

Credentials Revocation in Vehicular Networks: Design & Evaluation

Credentials Revocation in Vehicular Networks: Design & Evaluation. Ghita Mezzour Panos Papadimitratos. Overview. Introduction Regional CRL CRL broadcast at low rate Results Conclusion. System model – General. Certification authority (CA) Road Side Units (RSUs)

469 views • 34 slides

SeGW Certificate Revocation

S40-20090119-002. 3GPP2 TSG-S WG4. SeGW Certificate Revocation. Source: QUALCOMM Incorporated Contact(s) Anand Palanigounder ( apg@qualcomm.com ) Recommendation: Discuss and adopt. FAP/SeGW certificate revocation. FAP device certificate is not needed

231 views • 6 slides

REVOCATION

REVOCATION. SCENARIO IN INDIA. By, Shailee Gupta Women Scientist TIFAC trainee K & K. REVOCATION. Revocation of patents can be made under Section 64 of the Indian Patents Act 1970. Revocation means: Cancellation of the rights granted to a person by the grant of a patent.

1.15k views • 40 slides

SECURITY PROBLEMS WITH ON-LINE REVOCATION

SECURITY PROBLEMS WITH ON-LINE REVOCATION. By Yvo Desmedt Dept. Of Computer Science Florida State University desmedt@cs.fsu.edu http://www.cs.fsu.edu/~desmedt and Royal Holloway, Univ. of London, U.K. Overview. 1. Why on-line revocation 2. What is on-line revocation

437 views • 33 slides

PROPOSAL,ACCEPTANCE AND REVOCATION

PROPOSAL,ACCEPTANCE AND REVOCATION.

771 views • 8 slides

Certificate Revocation

Certificate Revocation. Serge Egelman. Introduction. What is revocation? Why do we need it? What is currently being done?. Huh?. Certificates Are: Identity Personal Corporate Financial Overall Security. Why Revoke?. Key Compromise Forgotten Passphrase Lost Private Key Stale Keys

349 views • 22 slides

Registration Revocation in Mobile IP

Registration Revocation in Mobile IP. draft-glass-mobileip-reg-revok-00.txt (soon to be -01!) Steven M. Glass - Sun Microsystems Steven.Glass@Sun.com. Why the Need?. RFC2002, etc. was designed when access was the issue. Mobile IP's focus was on functionality.

213 views • 12 slides

Revocation by Physical Act

Revocation by Physical Act. Requirements to Revoke by Physical Act. 1. Mental Capacity. Requirements to Revoke by Physical Act. 2. Revocation Intent. Requirements to Revoke by Physical Act. 3 . Physical Act – PC § 63; EC § 253.002 “destroying or canceling” By testator, or

219 views • 11 slides

Efficient Fault-Tolerant Certificate Revocation

Efficient Fault-Tolerant Certificate Revocation. Rebecca Wright Patrick Lincoln Jonathan Millen. AT&T Labs SRI International SRI International. Public Key Certificate Revocation. Reasons for revocation: Key compromise or loss Change of employment or status

265 views • 16 slides

More Related

Revocation in WebPKI

Revocation in WebPKI

Presentation Transcript

DRM &amp; Key Revocation

Revocation by Physical Act

Acceptance &amp; Revocation (cont)

LICENSE REVOCATION PROCESS

Will Revocation

Cancellation, Revocation, and Suspension

Will Revocation

Revocation by Subsequent Writing

Conditional Revocation

Restricted Delegation and Revocation in Language-Based Security

Accumulators and U-Prove Revocation

Revocation by Operation of Law

Revocation by Subsequent Writing

Credentials Revocation in Vehicular Networks: Design &amp; Evaluation

SeGW Certificate Revocation

REVOCATION

SECURITY PROBLEMS WITH ON-LINE REVOCATION

PROPOSAL,ACCEPTANCE AND REVOCATION

Certificate Revocation

Registration Revocation in Mobile IP

Revocation by Physical Act

Efficient Fault-Tolerant Certificate Revocation

DRM & Key Revocation

Acceptance & Revocation (cont)

Credentials Revocation in Vehicular Networks: Design & Evaluation