Certificate Revocation Trees<font size="-1"><sup>TM</sup></font> (CRTs)
Introduction

prevnext

Certificate Revocation TreesTM (CRTs)

CRTs are a high performance technique developed by ValiCert to allow applications to validate certificates efficiently. This technique, based on a cryptographic data structure called a certificate revocation tree, achieves two goals:

    1. Amortize certificate validation costs over many transactions: A user, having gained short-term proof that its certificate is valid, can use this proof over many secure transactions. More importantly, if the user encloses such proof in a message, recipients can be assured the certificate is valid without making external network requests.

    2. Structure certificate validity assurance data efficiently: The CRT data structure reduces the data transfers required to create certificate status information and disseminate it by several orders of magnitude. This increases the speed of validation, reduces bandwidth consumption, and increases scalability to a virtually unlimited number of users.

CRTs work with existing protocols and X.509 certificates. CRT validation may be used in applications transparently by means of the Toolkit API.

prevnext


ValiCert, Inc.
http://www.valicert.com
Voice: +1.650.567.5469
Fax: (+1.650.254.2148
support@valicert.com