Since December 2009, the European Union Trusted Service Status Lists (TSLs) have been specified and adopted across European Union countries in order to enable the verification of digital signatures with legal values. This paper deals with the exploitation of TSLs in real digital services, other than electronic signatures, that is for certificate validation service. In particular, we used such lists in the service provided by the pan-European Secure identTities acRoss boRders linKed identity management infrastructure in order to validate X.509 public key certificates. In addition, we propose an XML data structure to be used in conjunction with a TSL, in the form of a Trust Service Association (TrSA) file, to hold trust relationships between different services in a TSL. The TrSA file in conjunction with the TSLs may be used directly by the service providers or users to validate certificates. For the generation of the TSLs, we propose also a tool for automatic generation of the TSLs, named TSLGenerator.
Exploiting the European Union trusted service status list for certificate validation in STORK: design, implementation, and lessons learnt / Berbecaru, DIANA GRATIELA; Lioy, Antonio. - In: SOFTWARE-PRACTICE & EXPERIENCE. - ISSN 0038-0644. - STAMPA. - 45:11(2015), pp. 1457-1477. [10.1002/spe.2292]
Exploiting the European Union trusted service status list for certificate validation in STORK: design, implementation, and lessons learnt
BERBECARU, DIANA GRATIELA;LIOY, ANTONIO
2015
Abstract
Since December 2009, the European Union Trusted Service Status Lists (TSLs) have been specified and adopted across European Union countries in order to enable the verification of digital signatures with legal values. This paper deals with the exploitation of TSLs in real digital services, other than electronic signatures, that is for certificate validation service. In particular, we used such lists in the service provided by the pan-European Secure identTities acRoss boRders linKed identity management infrastructure in order to validate X.509 public key certificates. In addition, we propose an XML data structure to be used in conjunction with a TSL, in the form of a Trust Service Association (TrSA) file, to hold trust relationships between different services in a TSL. The TrSA file in conjunction with the TSLs may be used directly by the service providers or users to validate certificates. For the generation of the TSLs, we propose also a tool for automatic generation of the TSLs, named TSLGenerator.File | Dimensione | Formato | |
---|---|---|---|
Berbecaru_et_al-2015-Software__Practice_and_Experience.pdf
non disponibili
Tipologia:
2a Post-print versione editoriale / Version of Record
Licenza:
Non Pubblico - Accesso privato/ristretto
Dimensione
2.32 MB
Formato
Adobe PDF
|
2.32 MB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/2621726
Attenzione
Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo