On Tuesday 24 May 2005 14:05, Jean-Marc Desperrier wrote: > Julien Pierre wrote: > > I'm saying the standard defines no way to revoke a lost CA root, because > > it doesn't make sense. When a root is compromised, there is no PKI > > standard that can fix this. > > To be precise, the standard says that path validation begins with a > trust anchor, and that the trust anchor is outside of the path > validation algorithm. > > In fact the trust anchor does not have to be a certificate, only a > public key and a DN are required. So you can use anything you choose as > your trust anchor, for example a non-self signed certificate.
So if one wanted to "follow the standard" one could create two keys, Alice and Bob, and have Alice sign Bob's PK. Bob then becomes the root and is used to sign all lower level public keys. Alice is the trust anchor. Then, store Alice and Bob together, and if they ever get compromised, have Alice sign Bob's revocation. iang -- Advances in Financial Cryptography: https://www.financialcryptography.com/mt/archives/000458.html _______________________________________________ Mozilla-security mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-security
