[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OCSP and CSL

To: Ben Laurie <ben@xxxxxxxxxxxxx>
Subject: Re: OCSP and CSL
From: Massimiliano Pala <madwolf@xxxxxxxxxxxxxxxx>
Date: Thu, 27 Jan 2000 12:01:13 +0100
Cc: ietf-pkix@xxxxxxx
Organization: Comune di Modena
References: <> <> <> <>
Sender: madwolf@xxxxxxxxxxxxxxxxxxxxxxxxx

Ben Laurie wrote:

> Since a suspended certificate is as unusable as a revoked one, it makes
> no sense to me to permit _any_ differences between the creation of a
> suspension and the creation of a revocation. Which means that there's
> little point in supporting suspension at all.
> 
> Cheers,
> 
> Ben.

But the point is: the certificate is not yet revokable but its state it's
been reported to be 'probably compromised'. It would be useful to get the
server(s) not allowing critical data transmission using such keys...

(refer to a model where the ca machine is disconnected for security
porpouses).

C'you,

	Massimiliano Pala (madwolf@openca.org)

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

References:
- OCSP and CSL
  - From: Massimiliano Pala
- Re: OCSP and CSL
  - From: Stephen Kent
- Re: OCSP and CSL
  - From: Massimiliano Pala
- Re: OCSP and CSL
  - From: Ben Laurie

Prev by Date: Re: LAST CALL:draft-ietf-pkix-time-stamp-05.txt
Next by Date: Re: OCSP and CSL
Previous by thread: Re: OCSP and CSL
Next by thread: Re: OCSP and CSL
Index(es):
- Date
- Thread