RE: Certificate suspension

["Ignacio Alamillo" <ialamillo@xxxxxxxxxxx>]

Under Spanish law, suspension is a legal requirement (not a strictly
enforced one, but a requirement after all) and therefore many CA have
implemented it, and it is actually used.

Best,


Ignacio Alamillo
Catalan Certification Authority



> -----Mensaje original-----
> De: owner-ietf-pkix@xxxxxxxxxxxx 
> [mailto:owner-ietf-pkix@xxxxxxxxxxxx] En nombre de Stephen Wilson
> Enviado el: dimecres, 23 / gener / 2008 02:50
> Para: ietf-pkix@xxxxxxxx
> Asunto: Certificate suspension
> 
> 
> 
> 
> I'm wondering to what extent is X.509 certificate suspension used in 
> practice?
> 
> Most if not all publicly visible CPs describe suspension, in almost 
> exactly the same way as they do revocation.  Yet in my experience, I 
> cannot ever recall a commercial CA or a closed/vertical PKI actually 
> doing suspensions.
> 
> To my mind, suspension is riddled with difficulties, not 
> anticipated by 
> the way CRLs work.  I could go into my concerns in a separate e-mail. 
> But if anyone can point to suspension being offered in practice (or 
> failing that, a critique of suspension) that would be appreciated!
> 
> Thanks in advance.
> 
> Cheers,
> 
> Stephen Wilson
> Managing Director
> Lockstep
> 
> Phone +61 (0)414 488 851
> 
www.lockstep.com.au
-------------------
  * Lockstep Technologies: ICT Secrets of Innovation Finalist 2007
  * Lockstep Technologies: Anthill / PwC Cool Company Finalist 2007
-------------------
Lockstep Consulting provides independent specialist advice and analysis
on authentication, PKI and smartcards.  Lockstep Technologies develops
unique new smart ID solutions that safeguard identity and privacy.