This project is the following of project CI 2003 CADDISC (Combination of LDAP and DNSsec directories for distributing keys) which aims to reach a two-level PKI (Public Key Infrastructure), a global one based on DNSsec, and a local one (companies, schools) using LDAP.
VeriCert aims to improve LDAP security for the keys publishing service, by introducing for some entries of the LDAP basis one more access control according to the search depth.
VeriCert is interested in the three possible uses of the CADDISC certificate verification:
- the authentication done in IEEE 802.11 networks. The results of (CI 2002) Authentis platform will be reused, but instead of basing user's authentication on the certificate presented by the user, CADDISC will ensure the reliability of certificates.
- the authentication in an operator's context. The users will authenticate to the access network through the PANA protocol.
- The authentication in a context of VPN secured by IPsec