"mhey...@gmail.com" <mhey...@gmail.com> writes: >In a CRL that contains an element that revokes the CRL signing certificate, >only that element can be assumed to be correct. All other list elements are >suspect.
Uhh, read my original text again. This is your personal opinion. Ask a bunch of PKI people, or look at what real applications do, and you'll get any one of the three interpretations I described. The fact that you think this doesn't mean that anything actually does it. Peter. _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography