Re: Online Certificate Revocation Protocol
"Housley, Russ" <rhousley@xxxxxxxxxxxxxxx> writes:
>You make an interesting point. I figure that a message signed with the
>private key that is claiming to be compromised is a good thing to pay
>attention to.
>
>If the message is from the subscriber, then that subscriber probably knows
>that some bad thing just happened and the subscriber is trying to let
>everyone know. He does not want anyone to rely on the key any more.
>
>If the message is not from the subscriber, then the key has absolutely been
>compromised. What a nice attacker to tell everyone.
It's not necessarily as simple as that. For example, if you have an
encryption-only key (no way to revoke your cert if you need to submit a signed
request), or if you've lost your private key (or it was physically stolen), or
whatever, there's nothing you can do if your CA follows the DOS model. Having
an attacker notify everyone of revocation is also perfectly possible: if I
steal your key, I'll submit a revocation for the once-a-day affiliation-changed
CRL to prevent you from putting it on the 15-minute key-compromise CRL and
guarantee me a full day to do whatever I want with it.
Peter.
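
The timing problem raised in the reply above, as an added example that is not part of the original message: a toy model of a CA that publishes one CRL per reason code on the schedules mentioned (15 minutes and once a day) and refuses a second revocation request for an already-revoked certificate. The class, the `allow_upgrade` policy, the serial number and the timeline are assumptions made for illustration.

```python
import math

# Periods in minutes, from the figures in the message above.
CRL_PERIOD_MIN = {"keyCompromise": 15, "affiliationChanged": 24 * 60}

class ReasonPartitionedCA:
    """Toy CA (hypothetical): one CRL per reason code, each on its own schedule."""

    def __init__(self, allow_upgrade=False):
        # allow_upgrade is an assumed policy knob, not something the thread
        # describes: a later keyCompromise request replaces a weaker reason.
        self.allow_upgrade = allow_upgrade
        self.revoked = {}  # serial -> (reason, request time in minutes)

    def request_revocation(self, serial, reason, t):
        """Record a request; return False if the CA refuses it."""
        if reason not in CRL_PERIOD_MIN:
            raise ValueError(f"unknown reason: {reason}")
        current = self.revoked.get(serial)
        if current is not None:
            upgrade = (self.allow_upgrade and reason == "keyCompromise"
                       and current[0] != "keyCompromise")
            if not upgrade:
                return False  # already revoked: the first request wins
        self.revoked[serial] = (reason, t)
        return True

    def first_published(self, serial):
        """Minute at which the first CRL listing this serial is issued."""
        reason, t = self.revoked[serial]
        period = CRL_PERIOD_MIN[reason]
        # Each CRL is issued at multiples of its period (assumed schedule).
        return math.ceil(t / period) * period

def scenario(allow_upgrade):
    """Key stolen at t=0; constructed timeline of two competing requests."""
    ca = ReasonPartitionedCA(allow_upgrade)
    serial = 0x1001  # constructed serial number
    ca.request_revocation(serial, "affiliationChanged", 1)  # filed by the thief
    accepted = ca.request_revocation(serial, "keyCompromise", 5)  # filed by the owner
    return accepted, ca.first_published(serial)  # exposure in minutes since theft

if __name__ == "__main__":
    print("first request wins:", scenario(False))   # (False, 1440)
    print("upgrade permitted: ", scenario(True))    # (True, 15)
```

Under the first-request-wins policy the certificate is not listed until the daily CRL, 1440 minutes after the theft; when the CA accepts a later key-compromise request as an upgrade, it appears on the next 15-minute CRL.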