Modification of the electronic signature verification procedure

The public key infrastructure (PKI) is widely used both in conventional computer networks and authenticating network nodes and monitor integrity. These procedures are used to check an electronic data signature. The most difficult operation when verifying an electronic signature is to check the status of the certificate. This check may be implemented by two methods - using CRL (certificate revocation list) or with OCSP (Online Certificate Status Protocol). This paper discusses advantages and disadvantages of each of these methods, provides an assessment of the safety of the existing electronic signature (ES) verification algorithm, reveal shortcomings. A new ES verification algorithm is proposed. A method for estimating the validity of an ES check result using the old ES check algorithm is proposed.