查看文章

The CA certificate is a certificate issued by a Certificate Authority (CA) to an entity as authentication certificate. With this type of authentication certificate, the entity is also allowed to issue a sub-certificate to the end nodes. In this paper we present a protocol of CA certificate that issued to particular routers in the Internet, which in turn, the router is allowable to issue sub-certificates to the connected nodes. The format of the CA certificate and the sub-certificate is an extension to what had presented in user's digital certificate. However the protocol for issuing, renewing and revoking the router's CA certificate and the node's subcertificates is new and first time presented in the literature. Analysis of the security consideration of each part of this protocol is also presented. By the introduction of this protocol we are able to avoid the replay attack, man in the middle attack and denial of service attack (flooding type).