Nelson B <[EMAIL PROTECTED]> writes: > Ah, I was wondering when paradoxes would enter this discussion. > CA self revocation: Everything I say is a lie. > > "I think not" said Descartes, who promptly vanished.
the original scenario was that CA could only assert that they were no longer valid ... they could never assert the reverse. So only a valid CA could declare themselves no longer valid ... or bad guys that had compromised the private key could declare the CA no longer valid ... but the inverse couldn't be asserted. so if the bad guys wanted to do a DOS after having compromised the private key ... then they could, at most, declare the CA no longer valid ... which by definition is what you want to happen anyway when a key has been compromised. the other thing that they could do ... was hope that the CA went unrevoked as longer as possible ... so that they could use the compromised private key to generate fraudulent certificates. However, specifically with respect to revoking a CA ... you could either do it or not do it ... nobody could ever undo it. So the bad guys could either say nothing (about the CA) or lie about the CA by using the compromised private key to revoke the CA. However, by definition, if the private key has been compromised then what you want anyway is a revokation of the CA. The only thing that the valid CA could do is say nothing (about themselves) or revoke themselves. If the real CA has made a decision to revoke itself ... then there isn't much else you can do about it. In any case, self-revokation is a special case of "everyhing else I've said is a lie". Once it asserts that special case ... then it is no longer able to assert anything more (and somewhat immaterial whether that special case was a lie or not). -- Anne & Lynn Wheeler | http://www.garlic.com/~lynn/ _______________________________________________ Mozilla-security mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-security
