As discussed in Chapter 6, certificates provide a convenient (and typically necessary) structure for protecting the integrity of public keys. Ultimately, certificates need to be acquired by others to be useful (for example, so one end entity can encrypt for or verify signatures of another end entity). In addition, as discussed in Chapter 8, there is the need to disseminate certificate revocation information, including the use of Certificate Revocation Lists (CRLs) and/or CRL-based techniques.

The dissemination of certificate and certificate revocation information can occur in a number of ways. The purpose of this chapter is to discuss some of the methods for distributing ...