Skip to Main Content
Mobile devices can both consume and provide services. They act indeed as a peer, according to the OMA mobile Web services specification. It is a move from simple data sharing to full deliver of application services down to mobile devices. The use of digital certificates to ensure the provision of services is suitable because devices can belong to different trust domains without having previously an established relationship. Besides, by interoperability issues, the use of PKI continues to grow and move into diverse environments. However, applications making use of such certificates are burdened with the overhead of constructing and validating the certification paths. These processes can become more complex and costly than fixed-infrastructure networks due to the wireless communications and restricted processing and power capabilities. The IETF PKIX WG has specified different mechanisms for delegating the certificate validation and making lighter the status information obtaining. However, these are not supported currently by mobile devices. For these reasons, we propose to develop an open toolkit for X.509 public key certificate validating based on OpenSSL. This toolkit is being developed and tested successfully in PDAs.
Date of Conference: 17-21 March 2008