[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Certificate Cancellation Notice
I may be missing the point, but if the purpose of a CCN is to tell a
certificate server not to issue a cert, destroy its copy, etc., its
usefulness is limited. Once the certificate is issued and anyone else
has a copy, it really doesn't matter who doesn't have one, unless the
verifier's protocol doesn't accept certs from the supplicant but only
from a real-time server. This seems to me to require more stringent
protocols even than CRLs.
I'm sure I am missing the point. Somebody hit me with a clue.
Brian Thomas, CISSP - Distributed Systems Architect email@example.com
Southwestern Bell firstname.lastname@example.org
One Bell Center, Room 34G3 Tel: 314 235 3141
St. Louis, MO 63101 Fax: 314 235 0162