A client/user of CRLs is not required to keep retain any information from the lifetime of one CRL to the next. CRLs are *presumed* to be cumulative, but only for the lifetime of the certs. The whole point of a cert expiration date is that it is a date past which the CRL need no longer list the cert. It bounds the duration of time for which the CA is required to publish revocation info for the cert, and hence bounds the size of the CRL (to some degree). It also bounds the retention duration for the relying party.
(Yes, I know the CRLs are supposed to list a cert for ONE cycle past a cert's expiration date. Big deal.) If one CRL says a cert is revoked, and the next CRL from that CA no longer says it is revoked, and the cert has not yet expired, then a standards-compliant client will treat that cert as if it had been unrevoked. There is NO requirement in any PKI standard that it do otherwise. The idea that once a (root) CA revokes itself the client will remember that forever simply flies in the face of the defined standard algorithms for the processing of CRLs. Not that it couldn't work, but the standards don't require it. Existing PKI software doesn't do it. In some sense, what you're proposing is that a root CA CRL that revokes itself should be treated as one that never expires, never will be replaced, and should be kept forever. That might be workable. *You* sell DoDUS on it. :) -- Nelson B _______________________________________________ Mozilla-security mailing list Mozilla-security@mozilla.org http://mail.mozilla.org/listinfo/mozilla-security