Ian G [EMAIL PROTECTED] writes:
Oh... so it's written in the standard. Are you
saying that the standard defines no way to revoke
a lost CA root?
The standard treats CA roots in extremely strange ways. Among other things,
it says that CA root certs aren't subject to any verification (apart
Julien Pierre wrote:
I'm saying the standard defines no way to revoke a lost CA root, because
it doesn't make sense. When a root is compromised, there is no PKI
standard that can fix this.
To be precise, the standard says that path validation begins with a
trust anchor, and that the trust
On Tuesday 24 May 2005 14:05, Jean-Marc Desperrier wrote:
Julien Pierre wrote:
I'm saying the standard defines no way to revoke a lost CA root, because
it doesn't make sense. When a root is compromised, there is no PKI
standard that can fix this.
To be precise, the standard says that path
Ian G wrote:
So if one wanted to follow the standard one could
create two keys, Alice and Bob, and have Alice
sign Bob's PK. Bob then becomes the root and is
used to sign all lower level public keys. Alice is
the trust anchor.
Then, store Alice and Bob together, and if they ever
get
Ian G wrote:
Revocation checks cannot be done at the root level, by definition. The
standards don't allow support for revocation checking of self-signed certs.
Oh... so it's written in the standard. Are you
saying that the standard defines no way to revoke
a lost CA root? Or that it is
On Saturday 21 May 2005 00:41, Julien Pierre wrote:
Ian,
Ian G wrote:
But OCSP/CRL can not help in case of *root* cert compromission.
There's nothing above it to sign the validity information.
Can't it revoke itself?
This is priceless and one for the books. This statement shows that you
On 5/21/05, Ian G [EMAIL PROTECTED] wrote:
On Saturday 21 May 2005 00:41, Julien Pierre wrote:
Ian G wrote:
But OCSP/CRL can not help in case of *root* cert compromission. There's nothing above it to sign the validity information. Can't it revoke itself?
Revocation checks cannot be done at
On Saturday 21 May 2005 17:46, Ram A Moskovitz wrote:
If a root key is compromised and a certificate status server responds as
such the only way to undo the revocation is for the bad guy with the
private-key to prevent access to the responder, or spin up a new one which
answers differently
Ian G wrote:
Oh... so it's written in the standard. Are you
saying that the standard defines no way to revoke
a lost CA root? Or that it is impossible to revoke
a CA root? They are two entirely different things.
OpenPGP does it, the keys can revoke themselves,
and indeed the early docs
Ian G wrote:
Whereas if a root cert was used, then that could only
have been lifted in a very few places. The use of a
root cert would then send a very strong signal back
that would lead to how and when and where it was
ripped off.
the proposals that allow backup/copying of a private key
10 matches
Mail list logo