RE: Online Certificate Revocation Protocol

[Tony Bartoletti <azb@xxxxxxxx>]

At 12:01 PM 6/11/01 -0400, Santosh Chokhani wrote:
> Revocation of a public key certificate whose companion key has been 
> destroyed is a BAD idea.
>
> For example, if the subject of the key is a CA, revocation of that public 
> key certificate could cause denial of service for all the certificates 
> issued by that CA.  There is nothing wrong with the certificates.

I admit I'm on the fence here, but one should be able to "revoke the 
certificate" only in terms that mean "any signatures created after that 
point are invalid", without interfering with the ability to use the public 
key to continue verifying previously signed objects.

This suggests that CAs (or someone) should provide an historical "was valid 
between" service.  This would mitigate the DoS issue.

___tony___


Tony Bartoletti 925-422-3881 <azb@xxxxxxxx>
Information Operations, Warfare and Assurance Center
Lawrence Livermore National Laboratory
Livermore, CA 94551-9900