[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Light-weight certificate revocation lists ?

To: perry@piermont.com
Subject: Re: Light-weight certificate revocation lists ?
From: Carl Ellison <cme@cybercash.com>
Date: Fri, 04 Apr 1997 17:10:08 -0500
Cc: dpkemp@missi.ncsc.mil (David P. Kemp), spki@c2.net
In-Reply-To: <199704021526.KAA13314@jekyll.piermont.com>
References: <Your message of "Wed, 02 Apr 1997 08:54:56 EST." <199704021354.IAA07928@argon.ncsc.mil>
Sender: owner-spki@c2.net

At 10:26 AM 4/2/97 -0500, Perry E. Metzger wrote:
>I don't mind making provisions for CRLs, but they are an
>extraordinarily limited tool unless you impose very tight constraints
>on the ways that certificates are used, and even then, an adversary
>can probably prevent you from getting a CRL far more easily than they
>could otherwise interfere with you.

It was my intention to let one of the online tests be "go get a current CRL 
and check it", but we haven't specified online tests yet.


+------------------------------------------------------------------+
|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
+------------------------------------------------------------------+

References:

Re: Light-weight certificate revocation lists ?

From: "Perry E. Metzger" <perry@piermont.com>

Prev by Date: CRLs as wandering anti-matter
Next by Date: Re: Light-weight certificate revocation lists ?
Prev by thread: Re: Light-weight certificate revocation lists ?
Next by thread: CRLs as wandering anti-matter
Index(es):
- Main
- Thread