On 1/12/11 15:10 PM, Peter Gutmann wrote:
ianG<i...@iang.org> writes:
Is this in anyway a cause for action in contract? Is this a caused for
revocation?
And given that you have to ask the MITM for the revocation information, how
would you revoke such a cert?
Wait! Mallory has delivered Alice a valid CA-signed-sub-CA-signed
cert. That is the valid information, right? There was nothing wrong
the cert that wasn't seen, it is the new one that is at fault.
Or, am I missing something?
And that was "Why blacklists suck for validity checks, reason #872 in a series
of 10,000 or so". Returning you now to Max Geldray and Orchestra...
Gnash.... 3rd time lucky ... the list reply behaviour has changed......
iang
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
