Re: serial numbers // push/pull CRL's
On Wed, 2 Apr 1997, Ron Rivest wrote:
> It is the
> responsibility of the issuer to push the CRL out to the places he wants
> it to be, instead of expecting the certificate user to pull the latest CRL
> down when he is checking the certificate.
> Maybe this is enough different that we should call it something else.
> How about "push-CRL" instead of the standard "pull-CRL"??
> Anyway, I think that push-CRL's are necessary, once you have setups such
> as envisioned above with servers managing databases for clients.
Given that we're now looking at a push model for issuer-to-server
revocation, is a CRL really necessary or can the issuer simply send a
"revoke cert X" message for each cert he wants to revoke?
After all, a revocation is forever (right?). Once the bit is flipped,
there's really no need to keep the cert on a list. Once the issuer
notifies the servers, they remove the cert from their databases and that's
it -- it's revoked. I'm assuming here that anyone else who's concerned
about the cert's validity would just contact one of the servers (or, if
they're not too concerned, accept its validity period).
So don't bother with a list format. Instead, define a message protocol
between the issuer and the server. There should be such a protocol anyway
to allow the issuer to give certs to the server. Let's just formalize
that and extend it to allow the issuer to remove certs from the server.
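The issuer-to-server message protocol proposed above, sketched in Python as an added example (this is not code from the SPKI list thread or from any participant). The design follows the post: no CRL, just authenticated "add cert" and "revoke cert X" messages from the issuer to a server that keeps the live certificate database, and a relying party that asks the server whether a serial is still valid. Everything concrete here is an assumption: the message fields (`op`, `serial`, `seq`), an HMAC over the message body standing in for the issuer's signature, and a per-issuer sequence number so that a replayed earlier "add" cannot quietly reinstate a certificate the issuer has since revoked.

```python
import hashlib
import hmac
import json

# Constructed key shared between issuer and server. In a real deployment this
# would be the issuer's public key and a digital signature; HMAC is used here
# only so the example runs offline with the standard library (assumption).
ISSUER_KEY = b"constructed-issuer-key-for-example-only"


def _encode(body: dict) -> bytes:
    # Canonical encoding so issuer and server authenticate identical bytes.
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def sign(key: bytes, body: dict) -> dict:
    """Wrap a message body with an authenticator (stand-in for a signature)."""
    return {"body": body, "mac": hmac.new(key, _encode(body), hashlib.sha256).hexdigest()}


class Issuer:
    """Pushes add/revoke messages; the sequence number is hypothetical."""

    def __init__(self, key: bytes):
        self.key = key
        self.seq = 0

    def _message(self, op: str, serial: str, **fields) -> dict:
        self.seq += 1
        return sign(self.key, {"op": op, "serial": serial, "seq": self.seq, **fields})

    def add(self, serial: str, subject: str, not_after: str) -> dict:
        return self._message("add", serial, subject=subject, not_after=not_after)

    def revoke(self, serial: str) -> dict:
        # "Revoke cert X": no list, just one message per revoked serial.
        return self._message("revoke", serial)


class CertServer:
    """Holds the certificate database the issuer pushes into."""

    def __init__(self, issuer_key: bytes):
        self.key = issuer_key
        self.certs: dict[str, dict] = {}
        self.last_seq = 0  # highest sequence number accepted so far

    def receive(self, msg: dict) -> str:
        body = msg["body"]
        expected = hmac.new(self.key, _encode(body), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, msg["mac"]):
            return "rejected: bad authenticator"
        # A stale or replayed message (e.g. an old "add" for a now-revoked cert)
        # must not be processed again; that is what the sequence number buys.
        if body["seq"] <= self.last_seq:
            return "rejected: stale or replayed message"
        self.last_seq = body["seq"]
        if body["op"] == "add":
            self.certs[body["serial"]] = {"subject": body["subject"], "not_after": body["not_after"]}
            return "added"
        if body["op"] == "revoke":
            # Revocation is final: the cert simply leaves the database.
            if self.certs.pop(body["serial"], None) is None:
                return "revoked (unknown serial, no-op)"
            return "revoked"
        return "rejected: unknown op"

    def is_valid(self, serial: str) -> bool:
        # What a relying party asks the server instead of pulling a CRL.
        return serial in self.certs


def run_demo() -> dict:
    """Exercise the protocol with constructed certificates and return the outcomes."""
    issuer, server = Issuer(ISSUER_KEY), CertServer(ISSUER_KEY)
    results = {}
    add_1001 = issuer.add("1001", "alice@example.test", "1998-04-02")
    results["add_1001"] = server.receive(add_1001)
    results["add_1002"] = server.receive(issuer.add("1002", "bob@example.test", "1998-04-02"))
    results["valid_before_revoke"] = server.is_valid("1001")
    results["revoke_1001"] = server.receive(issuer.revoke("1001"))
    results["valid_after_revoke"] = server.is_valid("1001")
    # Replaying the original "add" must not resurrect the revoked certificate.
    results["replay_add_1001"] = server.receive(add_1001)
    results["valid_after_replay"] = server.is_valid("1001")
    # A forged revoke from someone without the issuer's key is refused.
    forged = {"body": {"op": "revoke", "serial": "1002", "seq": 99}, "mac": "00" * 32}
    results["forged_revoke"] = server.receive(forged)
    results["valid_1002"] = server.is_valid("1002")
    # Revoking a serial the server never saw is harmless.
    results["revoke_unknown"] = server.receive(issuer.revoke("9999"))
    return results


if __name__ == "__main__":
    for step, outcome in run_demo().items():
        print(f"{step}: {outcome}")
```

The sequence number is the one addition beyond the post's proposal: without it, an attacker who captured the issuer's earlier "add cert 1001" message could replay it after the revocation and the server would re-admit the cert, so the server would in effect need a revoked-serial list after all. Keeping a monotonic counter per issuer preserves the "no list, just messages" design the post argues for.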