Re: Online Certificate Revocation Protocol




Two replies in one...
 
Santosh Chokhani wrote:
> 
> Revocation of a public key certificate whose companion key has been
> destroyed is a BAD idea.
>  
> For example, if the subject of the key is a CA, revocation of that
> public key certificate could cause denial of service for all the
> certificates issued by that CA.  There is nothing wrong with the
> certificates.

Just because the revocation mechanisms aren't up to the task is a poor reason
to not take the precaution.


Santosh Chokhani wrote:
> 
> Again, it is a trust issue.  I have a very simple point.  If you trust
> the holder of the private key, you do NOT revoke a certificate.  If you
> do not trust the holder of the private key, you probably want to do
> something whether the key was destroyed or not.

Trusting the holder is not enough.  The holder may consider the key destroyed
because it's beyond his ability to recover, but that doesn't mean that it
can't be recovered by someone else.  Such recovery is less likely to be
noticed with an unused key.

The safe course is to revoke.  To do otherwise has security implications.

		Marc