A lightweight mutual authentification based on proxy certificate trust list

抄録

Proxy certificate is introduced to ensure dynamic delegation andsingle-sign-on for grid computing. With delegation, proxy certificate path verification is needed foreach mutual authentication process. Apparently it is time-consuming, mechanically repeated. In particular, it is hard to keep a long proxy certificate path.In this paper, we propose Proxy Certificate Trust List (PCTL) that records the delegation trace and simplifies the certificate path verification. The mechanism of PCTL is based on the traditional Public Key Infrastructure (PKI), and the required modification on SSL/TLS protocol and Lightweight Directory Access Protocol (LDAP) schema is kept minimum.