
Re: Certificate suspension




Then there are those signatures which are kept long term, say, one that is used to initiate a financial instruction after proper validation, and authorization, occurs. The problem in this example is, the signature is archived, and may require validation in the future due to an audit, litigation, etc. This may be years depending on the application's business requirements, or law.

To be specific, my only issue with supporting suspension is with certificates which assert the nonRepudiation bit.

Otherwise, I understand the usefulness of having the ability to suspend certificates which assert only the digitalSignature bit.

These can be settled by policy in isolated implementations. It becomes problematic when honoring credentials from other implementations which do not align with your policy.

Only subtle changes could be adopted, allowing for respect of the current law internationally (some of which appear to require suspension), maintaining the technical ability to suspend, and the technical ability to not honor the credential by a digital signature centric business application if desired.


Anders Rundgren wrote:
Alfredo,
The problem you are referring to is relevant regardless of whether you support certificate suspension or not, since a valid certificate may
indeed be in the wrong hands without the legitimate user knowing or having reported it.

Since the majority of signatures these days are performed in on-line scenarios, certificate suspension for signatures and
authentication is essentially the same thing.

Regarding legality the fact is that people are actually convicted based on IP address associations and e-mail addresses.

The difference between signatures and authentication is that only the latter cannot be revoked which is why authentication remains
the most critical operation regardless of its legal status.

I wouldn't outlaw certificate suspension, it seems appropriate in an on-line world.

thanks
Anders Rundgren


--


Regards,

Todd E. Johnson
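Below is an added example, not code from this thread, that models the policy split Todd describes: decode the KeyUsage BIT STRING (bit numbering per RFC 5280, where nonRepudiation is bit 1), then judge an archived nonRepudiation signature by the certificate's status at signing time while a digitalSignature-only credential is judged by its status at validation time. The status history, certificate bytes and function names are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from enum import Enum
# KeyUsage bit numbers (RFC 5280): bit 0 is the most significant bit of the
# first content octet of the BIT STRING.
DIGITAL_SIGNATURE = 0
NON_REPUDIATION = 1  # called contentCommitment in RFC 5280

def decode_key_usage(der: bytes) -> set:
    """Decode a DER KeyUsage BIT STRING into the set of asserted bit numbers."""
    if len(der) < 3 or der[0] != 0x03 or der[1] & 0x80 or len(der) != 2 + der[1]:
        raise ValueError("not a short-form DER BIT STRING")
    unused, body = der[2], der[3:]
    return {i for i in range(len(body) * 8 - unused)
            if body[i // 8] & (0x80 >> (i % 8))}

class Status(Enum):
    GOOD = "good"
    HOLD = "certificateHold"  # reversible suspension
    REVOKED = "revoked"       # permanent

@dataclass
class StatusRecord:
    since: datetime  # moment this status took effect
    status: Status

def status_at(history, when):
    """Status in effect at `when`; `history` is sorted by `since`."""
    current = Status.GOOD
    for rec in history:
        if rec.since <= when:
            current = rec.status
    return current

def honor_signature(key_usage, history, signing_time, validation_time):
    """Policy (hypothetical): a nonRepudiation signature is judged by the
    status at signing time, so a hold in force then is fatal even if it was
    lifted later; a digitalSignature-only credential is judged by the status
    at validation time, as in an on-line check."""
    if NON_REPUDIATION in key_usage:
        return status_at(history, signing_time) == Status.GOOD
    if DIGITAL_SIGNATURE in key_usage:
        return status_at(history, validation_time) == Status.GOOD
    return False
# Constructed sample data (not from any real CA).
KU_NR = bytes.fromhex("030206c0")   # digitalSignature + nonRepudiation
KU_DS = bytes.fromhex("03020780")   # digitalSignature only
def utc(y, m, d):
    return datetime(y, m, d, tzinfo=timezone.utc)
HISTORY = [StatusRecord(utc(2004, 3, 1), Status.HOLD),   # suspended
           StatusRecord(utc(2004, 3, 10), Status.GOOD)]  # hold lifted
```

A signature made during the hold is rejected under the nonRepudiation rule even years later, whereas the same history lets a digitalSignature-only credential be honored once the hold is lifted.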