Peter Gutmann <[EMAIL PROTECTED]>:
> Mats Nilsson <[EMAIL PROTECTED]>:
>> Should a self-signed root certificate ever need to be revoked, shall it list
>> itself in its usual CRL(s), as the last thing it does before it is thrown
>> away, or is it sufficient (from its users' standpoint) that it simply ceases
>> to issue more CRLs?
> No one knows (and I don't just mean that as a shoulder-shrug response, I mean
> that no one, at least on the PKIX list, actually knows what's supposed to happen
> in this situation). The behaviour from current apps is that some will accept a
> self-revocation, some will reject it, and a small number will crash or fail in
> some other way.

I like the idea of having the application crash in such a situation:
Obviously the application developers noticed the similarity to the
Epimenides paradoxon [1] and did not see any other way out except having
the program vanish in a puff of logic.

Anyway, if the certificate is truly invalid, then there is no reason
why you should not be allowed to revoke it with itself. Seeing a CRL
that includes the self-signed certificate of the CA that has issued
that very CRL obviously shows that this certificate *must* be invalid.

Note that the same CA might own another self-signed certificate
containing the same public key, and this second one might still be
valid -- maybe the first certificate has been revoked because some
attributes have changed. (Of course out-of-band measures are needed
for authenticating such a second certificate.) This case shows why it
is *necessary* for the CA to be able to revoke its own self-signed
certificates. (The CRL just names the issuer, it is not bound to a
specific certificate of this issuer; in general, any certificate
containing the proper public key will do.)

[1] Epimenides is that Cretan guy who said that all Cretans are liars.
Trying to decide whether this statement of his can be true
(where it is assumed that liars must *never* say the truth)
allegedly leads to a contradiction: If it is true, then he is
a liar, so the statement must be false, so he is not a liar after
all, so the statement must be true, etc. etc.

There is in fact no contradiction in this -- if Epimenides is a
liar but his neighbour isn't, then his statement is just plainly
false. The assumption that Epimenides' statement is false does
*not* imply that Epimenides cannot be a liar. Probably the Greek
senate had not yet passed De Morgan's laws when this "paradoxon"
was invented.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
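
The point made in the message above (a CRL names its issuer and is checked against the issuer's public key, not against one particular certificate), as an added example that is not part of the original message or of OpenSSL. It uses the Python `cryptography` package; the CA name, serial numbers, lifetimes and helper names are constructed for illustration.

```python
import datetime as dt
from cryptography import x509
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID

NOW = dt.datetime.now(dt.timezone.utc)
# Constructed CA name; both root certificates and the CRL carry it.
CA_NAME = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, "Example Root CA")])


def self_signed(key, serial, days):
    """Self-signed root for CA_NAME; serial and lifetime vary per certificate."""
    return (x509.CertificateBuilder()
            .subject_name(CA_NAME).issuer_name(CA_NAME)
            .public_key(key.public_key()).serial_number(serial)
            .not_valid_before(NOW)
            .not_valid_after(NOW + dt.timedelta(days=days))
            .add_extension(x509.BasicConstraints(ca=True, path_length=None), critical=True)
            .sign(key, hashes.SHA256()))


def issue_crl(key, revoked_serials):
    """CRL issued under CA_NAME that lists the given serial numbers."""
    builder = (x509.CertificateRevocationListBuilder()
               .issuer_name(CA_NAME).last_update(NOW)
               .next_update(NOW + dt.timedelta(days=7)))
    for serial in revoked_serials:
        entry = (x509.RevokedCertificateBuilder()
                 .serial_number(serial).revocation_date(NOW).build())
        builder = builder.add_revoked_certificate(entry)
    return builder.sign(key, hashes.SHA256())


def status(cert, crl):
    """Return (CRL verifies under this certificate's key, certificate is listed)."""
    verifies = (crl.issuer == cert.subject
                and crl.is_signature_valid(cert.public_key()))
    listed = crl.get_revoked_certificate_by_serial_number(cert.serial_number) is not None
    return verifies, listed


def demo():
    key = ec.generate_private_key(ec.SECP256R1())        # one CA key pair
    old_root = self_signed(key, serial=1001, days=30)
    new_root = self_signed(key, serial=1002, days=365)   # changed attributes, same key
    crl = issue_crl(key, [old_root.serial_number])       # the CA revokes its old root
    return status(old_root, crl), status(new_root, crl)


if __name__ == "__main__":
    print(demo())
```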