[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Rethink CRLs
At 08:45 AM 8/15/96 +1000, Michael Warner wrote:
>Surely the only meaning that a CRL has is to negate any meaning the original
>certificate had (after a certain time).
>
>In revoking a certificate, the CA is effectively saying "I am no longer willing
>to guarantee the binding between this public key and this identity (or whatever
>else the certificate is binding to the public key)".
>
>While the reason for this revocation may be of interest to curious humans, it's
>effect on applications should be the same regardless of the reason - don't use
>the certificate because it is not valid.
>
>Anything else and you are moving toward "analogue certificates", which express
>a degree of confidence that an identity is bound to a key. Now that really
>will add to complexity !
Michael,
there's a difference between "this private key is no longer good as
of <date>", "this private key was in the hands of the enemy between <date1>
and <date2> but it's back now", and "this private key went bad sometime, but
we don't know when, so don't trust it even from the beginning".
Especially when it's a CA's private key, the result of those three
different interpretations is quite different.
- Carl
+--------------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+--------------------------------------------------------------------------+