[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Light-weight certificate revocation lists ?

I concur with Carl on this one:  in the limit CRLs are either 
useless or else they are just a list of on-line verification tests.

The normal propagation route for certs will be that the person 
benefiting (usually the Subject) carries them to the person wanting
authorization.  This route isn't very effective for negative certs,
or for CRLs.  :-)

Maybe Ron Rivest's "light-weight CRLs" should be changed to 
"light-weight O-LVT's".



I am not a cypherpunk.  NOT speaking for DigiCash or any other
person or organization.  No PGP sig follows.