[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Light-weight certificate revocation lists ?

David P. Kemp writes:
> CRLs don't wander around space like anti-matter, randomly colliding with
> certificates!  Just like certificates, they are fetched as needed if
> they aren't already available from a local cache on the decision-making
> host.

Lets say that the original certificate was delivered along with a mail
message, or otherwise delivered and not fetched? Perhaps the mail
message isn't even coming over an IP channel, but is instead coming
over a protocol like UUCP that makes real time fetches hard.

Lets say that you use a cache to prevent yourself from having to fetch
things all the time?

In either case, you might not look up a CRL "on time". In fact, you
might not even be able to look up a CRL.

I don't mind making provisions for CRLs, but they are an
extraordinarily limited tool unless you impose very tight constraints
on the ways that certificates are used, and even then, an adversary
can probably prevent you from getting a CRL far more easily than they
could otherwise interfere with you.


Follow-Ups: References: