Let's ask Duane. Duane: why the revocations?
I'd have to ask users, we don't issue a CRL for expired certificates, so the only cases are, lost private keys:
Numerous emails about this as people try to reinstall their certificates from the site but we never get their private key so they emailing us asking why it doesn't work. I can only assume formatting the HDD would be a common reason, then needing their key again,
With openssl it only allows 1 valid certificate for any CN at a time, so people wanting to renew certificates before they expire revoke and renew them.
I haven't heard of PCs being stolen to get the private key for any CAcert issued certificates, maybe this is a question better suited for commercial CAs that have been in operation a longer amount of time...
-- Best regards, Duane
http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://happysnapper.com.au - Sell your photos over the net! http://e164.org - Using Enum.164 to interconnect asterisk servers _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
