Jones et al., 2005 - Google Patents

Layering a Public Key Distribution Service Over Secure DNS:“Everybody Comes to RIKS”

Jones et al., 2005

Document ID: 12243323920524381608
Author: Jones J; Berger D; Ravishankar C
Publication year: 2005

External Links

Cited by

Snippet

Abstract We present the Internet Key Service (IKS), a distributed architecture for authenticated distribution of public keys, layered on Secure DNS (DNSSEC). Clients wishing to manage or retrieve public keys use DNSSEC to securely discover the identities of the …

Continue reading at www.cs.ucr.edu (PDF) (other versions)

238000009826 distribution 0 title abstract description 37

Classifications

- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L29/00—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents
- H04L29/12—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents characterised by the data terminal contains provisionally no documents
- H04L29/12009—Arrangements for addressing and naming in data networks
- H04L29/12047—Directories; name-to-address mapping
- H04L29/12056—Directories; name-to-address mapping involving standard directories and standard directory access protocols
- H04L29/12066—Directories; name-to-address mapping involving standard directories and standard directory access protocols using Domain Name System [DNS]
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L29/00—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents
- H04L29/12—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents characterised by the data terminal contains provisionally no documents
- H04L29/12009—Arrangements for addressing and naming in data networks
- H04L29/12047—Directories; name-to-address mapping
- H04L29/12103—Directories; name-to-address mapping using an address exchange platform which sets up a session between two nodes, e.g. Rendezvous server
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L29/00—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents
- H04L29/12—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents characterised by the data terminal contains provisionally no documents
- H04L29/12009—Arrangements for addressing and naming in data networks
- H04L29/12047—Directories; name-to-address mapping
- H04L29/12132—Mechanisms for table lookup, also between directories; Directory data structures; Synchronization of directories
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L29/00—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents
- H04L29/12—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents characterised by the data terminal contains provisionally no documents
- H04L29/12009—Arrangements for addressing and naming in data networks
- H04L29/12047—Directories; name-to-address mapping
- H04L29/12113—Directories; name-to-address mapping for service discovery
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements or network protocols for addressing or naming
- H04L61/15—Directories; Name-to-address mapping
- H04L61/1505—Directories; Name-to-address mapping involving standard directories or standard directory access protocols
- H04L61/1511—Directories; Name-to-address mapping involving standard directories or standard directory access protocols using domain name system [DNS]
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L29/00—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents
- H04L29/12—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents characterised by the data terminal contains provisionally no documents
- H04L29/12009—Arrangements for addressing and naming in data networks
- H04L29/12018—Mapping of addresses of different types; address resolution
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L29/00—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents
- H04L29/12—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents characterised by the data terminal contains provisionally no documents
- H04L29/12009—Arrangements for addressing and naming in data networks
- H04L29/12792—Details
- H04L29/1282—Proxying of addresses
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements or network protocols for addressing or naming
- H04L61/15—Directories; Name-to-address mapping
- H04L61/1505—Directories; Name-to-address mapping involving standard directories or standard directory access protocols
- H04L61/1529—Directories; Name-to-address mapping involving standard directories or standard directory access protocols using voice over internet protocol [VoIP] directories, e.g. session initiation protocol [SIP] registrar or H.323 gatekeeper
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/0823—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using certificates
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements

Similar Documents

Publication	Publication Date	Title
AU2021206913B2 (en)	2023-02-23	Systems and methods for distributed data sharing with asynchronous third-party attestation
Laurie et al.	2021	Certificate transparency version 2.0
Singla et al.	2018	Blockchain-based PKI solutions for IoT
US8898457B2 (en)	2014-11-25	Automatically generating a certificate operation request
US7844816B2 (en)	2010-11-30	Relying party trust anchor based public key technology framework
US9225525B2 (en)	2015-12-29	Identity management certificate operations
US7428749B2 (en)	2008-09-23	Secure delegation using public key authorization
CN113055363B (en)	2023-07-04	Identification analysis system implementation method based on blockchain trust mechanism
CN102045413B (en)	2013-01-02	DHT expanded DNS mapping system and method for realizing DNS security
Basney et al.	2013	CILogon: A federated X. 509 certification authority for cyberinfrastructure logon
US20120124369A1 (en)	2012-05-17	Secure publishing of public-key certificates
KR101405509B1 (en)	2014-06-11	Method and system for entity public key acquiring, certificate validation and authentication by introducing an online credible third party
US20140244998A1 (en)	2014-08-28	Secure publishing of public-key certificates
US20020144119A1 (en)	2002-10-03	Method and system for network single sign-on using a public key certificate and an associated attribute certificate
JP2012235462A (en)	2012-11-29	Dnssec inline signing
JP2000349747A (en)	2000-12-15	Public key management method
JP2024177164A (en)	2024-12-19	Destination addressing associated with distributed ledgers
Fotiou et al.	2021	Enabling self-verifiable mutable content items in IPFS using Decentralized Identifiers
CN101242426A (en)	2008-08-13	Method, system and device for establishing transport layer security connection
Frederiksen et al.	2023	Attribute-based single sign-on: Secure, private, and efficient
CN116805907A (en)	2023-09-26	Provide and install digital certificates
CN106533681A (en)	2017-03-22	Attribute attestation method and system supporting partial presentation
Laurie et al.	2021	RFC 9162: Certificate Transparency Version 2.0
CN115118431B (en)	2024-11-29	A cross-domain identity authentication ticket conversion method
Jones et al.	2005	Layering public key distribution over secure DNS using authenticated delegation