TECHNOLOGY FOR CHANGE

Dartmouth Scientists Hard at Work on PKI Fix

Stan Gibson | Date: 07-13-09 | Comments

• 41
• PrintPDF
• Filed Under: Technology For Change




• Certificates sometimes need to be revoked, and when they are, the mechanism for spreading word on the Internet is so cumbersome as to be practically unusable beyond narrowly defined groups.

• Widely hailed as a critical technology for Internet commerce and e-government, PKI (Public Key Infrastructure) has suffered from inherent design flaws that have hobbled adoption and kept it from achieving its full promise. For PKI to work, a trusted certificate must be issued to a user. But certificates sometimes need to be revoked and when they are, the mechanism for spreading word on the Internet is so cumbersome as to be practically unusable beyond narrowly defined groups.
  That’s a problem on which researchers at Dartmouth College in Hanover, N. H., are hard at work to solve with a technology known as PRQP (PKI Resource Query Protocol).
  
  “Without PRQP, finding critical replication information can be problematic. How do you know where to look to seek whether the issuer of a certificate has revoked it? In practice, it may be impossible to tell if it had been revoked without PRQP, even though in theory it should work. PRQP tries to distribute this information,” said Dartmouth Professor Sean Smith.
  
  The critical enhancement to PKI took a step nearer to reality recently when it was taken up by the Internet Engineering Task Force (IETF) earlier this year in the PKI X working group. Protocols sometimes gain wide adoption even before gaining the full blessing of the IETF, a process which can take years.

  PRQP will gain further currency in the fall of 2009 when it will be included in Open CA, open source software for issuing digital certificates, according to Massimiliano Pala, research fellow at Dartmouth’s Institute for Security, Technology, and Society (ISTS). Open CA is currently being used by some governments and other organizations, according to Pala. The researcher also said he is working on a PRQP client for Mozilla’s Firefox browser, which will be available in September.

  The PRQP work at Dartmouth has been funded by the U. S. Department of Homeland Security.

   

IBM Resources

• End to End Virtualization: A holistic approach for a dynamic environment.
• Business Analytics and Optimization Jumpstart: Embedding analytics to transform insights into action
• Cloud computing insights from 110 implementation projects
• Capturing the Potential of Cloud
• Analytics - the new path to value
• Social Business: Advent of a new age
• Becoming a Social Business: The IBM Story
• Meeting the Demands of the Smarter Consumer
• Business agility powers innovation, transformation and growth
• Inside the Midmarket - A 2011 Perspective
• Building a strong enterprise cloud foundation is critical to manage growth for SaaS providers
• Blue Cross Blue Shield of South Carolina: A Model of IT Efficiency
• A Simple Idea that Changed the World

Most Read

• Why Smart Companies Should Adopt the Lessons of Gaming
• Top Five Cloud Trends for 2012
• New Tool Analyzes Data Without Bias
• Real-Time Analytics Takes a Bite Out of Crime
• Hadoop Takes a Giant Step Toward the Enterprise
• Universities Worldwide to Introduce Analytics Education
• Chattanooga Builds a Smart City
• Software Development Gets Agile
• Brain Microchip Faster Than Humans

Trending

• Rolls-Royce, ASU Partnership to Combat Billions in Health Insurance Fraud
• Video Analytics Boosts Business Intelligence
• Technology Transforming IT in 2012
• Print/TV Ads Retread for Social Media
• Las Vegas PD to Get Crime Analytics
• Is Voice Microblogging the Next Social Media Trend?
• Cyber Monday Sees Massive Growth
• How to Improve Crowd-Sourced Information
• App Tracks New Year's Resolutions Progress

RELATED CONTENT

• Synergies Abound When Health Care Organizations Tap Social Media
• Tool Improves Security and Understanding of DNS Configurations
• EyePhone Provides New Hands-Free Technology
• Eric Lundquist Decodes Time's Top 50 Innovations of 2009 for IT Managers
• 10 Technology Exchanges Needed Now
• Smarter Phase Change Memory Beats Flash
• What's Next for Watson?

Videos

TWITTER FEED

• about 13 hours agoDid you know we have an #IBMcloud Facebook page? It's true! Like us: http://t.co/M8zpLAsu
  
• about 13 hours agoThx for the RTs! @sengork @krock_tx @kiril_kirov @MTCurrieIBM @mirv_pgh @ibmsaas @ESRVCI @AMonsef82 @jopemoro @RiaHyman @thinkovation
  
• about 14 hours agoFrom earlier: Maximize the value of Salesforce.com via IBM Cast Iron bit.ly/A7xldu #cloud #SaaS #CRM #thoughtsoncloud
  
• about 15 hours agoValuable post by @bnhall RT @theRab: 2012: The Year of Hybrid #Cloud? http://t.co/oaOQSsPS
  
• about 17 hours agoNow avail! Access data from virtually anywhere w/ IBM #SmartCloud Enterprise Object Storage ibm.co/yoQqr2 (scroll down for deets) #ibmcloud
  
• about 18 hours agoGreat post by @RealTimeCloud about the benefits of hybrid #cloud, inspired by Jan. #cloudchat http://t.co/xB5Jr089
  
• about 19 hours agoFresh post: Maximize the value of Salesforce.com via IBM Cast Iron http://t.co/eljpH06N #cloud #SaaS #CRM #thoughtsoncloud
  
• about 21 hours agoGreat news: Object Storage on IBM #SmartCloud Enterprise is now available! http://t.co/cycw2Cdk (scroll down for details) #ibmcloud
  
• about 21 hours agoBookmark-worthy! 13 Best Practices for IBM #SmartCloud Enterprise by expert @ITDoVe http://t.co/zv48n8re #ibmcloud #publiccloud
  
• Feb 1st 2:10 PMFresh post: Interview with portal lead cloud developer Paul Kelsey http://t.co/WhtJgtz2 #ibmcloud (Via @FangFeng88)
  
< PrevNext >

JOIN US

Like us on Facebook Follow us on Twitter Get the Smarter Tech Newsletter Register for the "Data Center Optimization Techniques: Stop Wasting Time & Money" eSeminar on Thursday February 16 at 10:00 a.m. Pacific / 1:00 p.m. Eastern.Register Now >

Connect with the The Future of IT Architecture blog