An Online Credential Retrieval System for the Grid Security Infrastructure
Frohner Ákos <Akos.Frohner@cern.ch>
CERN, Switzerland
Lõrentey Károly <lorentey@elte.hu>
ELTE Információtechnológiai Központ
Authentication methods based on public key infrastructure rely on secure access to the users' public and private keys. An online credential retrieval system (OCRS) addresses key-management concerns in the Grid by storing these credentials in a centralized, secure repository.
In this paper, we describe an OCRS implementation particularly well suited for the requirements of the Grid Security Infrastructure. We primarily focus on the management of X.509 proxy certificates and the issues of certificate revocation.