Ian Grigg wrote:
Why can't a self-signed cert/key revoke itself?
How would it do so?
Would it publish a CRL listing itself?
And if you found a CRL that listed its signer's cert, would you
trust that CRL?
Isn't that like choosing whether or not to believe the person
who says "everything I say is a lie"?
Mind you, revocations seem rather rare.
Look at the size of any CA's CRL.
Even cacert's CRL seems to have a lot of entries, and seems to
have expanded at a significant rate.
--
Nelson B
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
