[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Online Certificate Revocation Protocol

To: Tony Bartoletti <azb@xxxxxxxx>
Subject: Re: Online Certificate Revocation Protocol
From: Hansen Wang <hansen.wang@xxxxxxxx>
Date: Fri, 08 Jun 2001 17:57:42 -0700
Cc: Paul Hoffman / IMC <phoffman@xxxxxxx>, ietf-pkix@xxxxxxx
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
References: < <> <> <>
Reply-to: hansenw@xxxxxxxxxx
Sender: owner-ietf-pkix@xxxxxxxxxxxx

Tony Bartoletti wrote:

> If CAs may "take a long time" to effect the out-of-band revocation, I have
> to assume the issue is really some combination of "staffing" and "low
> priority", rather than a concern about DoS.

But out-of-band could also mean going to the CA's web page and filling
out a form such as typing in the some passwords/passphrase, presenting
some electronic credentials or mother's maiden name (bad example) to
request for the revocation. This would not involve staffing and would be
nearly as quick as sending the revocation message through "in-band"
means.

Hansen

References:
- Re: Online Certificate Revocation Protocol
  - From: Housley, Russ
- Re: Online Certificate Revocation Protocol
  - From: Tony Bartoletti

Prev by Date: Re: Online Certificate Revocation Protocol
Next by Date: Online Certificate Revocation Protocol
Previous by thread: Re: Online Certificate Revocation Protocol
Next by thread: Re: Online Certificate Revocation Protocol
Index(es):
- Date
- Thread