ECL: A TLS Extension for Authentication in Complex PKIs

  • Paul Rabinovich
  • Published 2008 in
    2008 The 9th International Conference for Young…


The existing versions of the SSL and TLS protocols allow servers to request end-entity X.509 certificates from clients by specifying a list of certificate authorities (CAs) they trust. This model is insufficient in complex PKI meshes because clients and servers separately may not possess enough information about the trust fabric to which they are attached… (More)
DOI: 10.1109/ICYCS.2008.273

7 Figures and Tables


  • Presentations referencing similar topics