An Online Credential Retrieval System for the Grid Security Infrastructure

Frohner Ákos <Akos.Frohner@cern.ch>

CERN, Switzerland

Lõrentey Károly <lorentey@elte.hu>

ELTE Információtechnológiai Központ

Authentication methods based on public key infrastructure rely on secure access to the users' public and private keys. An online credential retrieval system (OCRS) addresses key-management concerns in the Grid by storing these credentials in a centralized, secure repository.

In this paper, we describe an OCRS implementation particularly well suited for the requirements of the Grid Security Infrastructure. We primarily focus on the management of X.509 proxy certificates and the issues of certificate revocation.