Traditionally, creation and revocation of certificates are performed manually, by trusted agents, under conditions that are rarely formalized. This approach to certificate management is appropriate for many current applications, where the certification or revocation of certificates is based on non-digital credentials. But it is expensive, time consuming and error-prone for the growing class of applications where credentials are digital and may be verified automatically. It is our thesis that what is needed in this situation is a mechanism that provides for the explicit formulation of certificate management policies, and for their enforcement. In order for such an approach to be effective, the range of supported policies should not be limited to certificate management regulations alone. It is often the case that an activity cannot be fully described and understood independently of the management of the certificates it uses. Conversely, creation and revocation cannot always be specified autonomously: they may be called for as side-effects of operations unrelated to certificate management. In this paper, we will show how a control mechanism, called LGI, can be extended to support a wide range of certificate management policies as well as regulations for the various activities that use these certificates.
Read Paper (in PDF)