Abstract
Public Key Infrastructure (PKI) is based on public key certificates and is the most widely used mechanism for trust and key management. However, standard PKI Validation and Revocation mechanisms are considered major reasons for its unsuitability for Delay/Disruption Tolerant Networking (DTN). DTN requires mechanism to authenticate messages at each node before forwarding it in the network. So, Certificate Revocation Lists (CRLs) being distributed in DTN network will need to be authenticated and validated for issuer CA at each node. In this paper we propose new Validation and Revocation mechanism which is compliant with DTN semantics and protocols. The paper also proposes a new design for CRL in compliance with standard PKI X.509 standard to make the proposed mechanism easy to implement for DTN. The new designed CRL is of reduced size as it contains fewer entries as compared to standard X.509 CRL and also arranges the revocation list in the form of Hash Table (Map) to increase the searching efficiency.