[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Certificate Cancellation Notices (CCN)

To: spki@c2.net
Subject: Certificate Cancellation Notices (CCN)
From: rivest@theory.lcs.mit.edu (Ron Rivest)
Date: Thu, 03 Apr 97 11:56:10 EST
Cc: blampson@microsoft.com
Sender: owner-spki@c2.net


Brian Thomas (below) asks how the CCN's work.

I guess I would expect a server to keep around recent CCN's it has
received.  If a client submits a certificate that is apparently valid,
but which is listed on a CCN, then the server can disregard that
certificate.

You are right that CCN's might not have much utility if they are not
stored by the server/verifier, as old copies might resurface.

The CCN allows for some "softening" of SPKI's "once-issued, no
revocation" policy by enabling an issuer to attempt to control the
extent to which an adversary can make use of a certificate that the
issuer would like to revoke, without having enforceable revocation.

However, if the issuer can distribute the CCN to the right places (which
might only be a few verifiers), he can get close to what CRL's
attempt to achieve, without all of their complexity and costs of CRL's.
CCN's are an informal version of CRL's, and get most of the benefits with
little of the cost, which is what you want in a system that calls itself
"simple".

Ron Rivest
==============================================================================
Return-Path: <bt0008@entropy.sbc.com>
Date: Thu, 3 Apr 1997 10:29:37 -0600 (CST)
From: "Brian M. Thomas" <bt0008@entropy.sbc.com>
X-Full-Name: Brian M. Thomas
To: frantz@netcom.com, rivest@theory.lcs.mit.edu
Subject: Re: Certificate Cancellation Notice
Cc: spki@c2.net, blampson@microsoft.com
X-Sun-Charset: US-ASCII



I may be missing the point, but if the purpose of a CCN is to tell a
certificate server not to issue a cert, destroy its copy, etc., its
usefulness is limited.  Once the certificate is issued and anyone else
has a copy, it really doesn't matter who doesn't have one, unless the
verifier's protocol doesn't accept certs from the supplicant but only
from a real-time server.  This seems to me to require more stringent
protocols even than CRLs.

I'm sure I am missing the point.  Somebody hit me with a clue.

brian


Brian Thomas, CISSP - Distributed Systems Architect  bt0008@entropy.sbc.com
Southwestern Bell                                    bthomas@primary.net
One Bell Center,  Room 34G3                          Tel: 314 235 3141
St. Louis, MO 63101                                  Fax: 314 235 0162

Follow-Ups:

Re: Certificate Cancellation Notices (CCN)

From: Hallam-Baker <hallam@ai.mit.edu>

Re: Certificate Cancellation Notices (CCN)

From: Camillo Särs <Camillo.Sars@DataFellows.com>

Re: Certificate Cancellation Notices (CCN)

From: Carl Ellison <cme@cybercash.com>

Prev by Date: Re: Certificate Cancellation Notice
Next by Date: ref
Prev by thread: Global name spaces for tags
Next by thread: Re: Certificate Cancellation Notices (CCN)
Index(es):
- Main
- Thread