Give your users the power to check electronic certificates using up to date and efficient tools. Dieser Artikel in Deutsch

Present situation

Applications working with electronic signatures must be able to verify their validity. An important part of this validation process is to check it the certificate used for generation of the signature in question is still valid. This check has to be performed by questioning the issuing Trust Center. Certification of validity and actuality of that certificate by the Trust Center is a mandatory precondition for the proof of origin of the signed data.

To the present day, applications dealing with electronic signatures must handle each Trust Center configuration separately. This causes huge costs for the initial setup as well as for subsequent configuration changes.

If certificate status information is published using Certificate Revocation Lists, those lists do contain information about all revoked certificates of the given certificate authority. This list grows over time. Depending on the number of certificates on this list the costs for transmitting this list are not negligible. When the user receives the list, the problem is not solved: the user has to scan the list for the certificate (its serial number) she is interested in.

The certificate authority must make sure to hold large Lists of status information data available.

Every time the list is updated, the user is forced to load the entire list and search for the wanted information herself.