[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Online Certificate Revocation Protocol

To: ietf-pkix@xxxxxxx
Subject: Re: Online Certificate Revocation Protocol
From: Massimiliano Pala <madwolf@xxxxxxxxxxxxxxx>
Date: Wed, 13 Jun 2001 15:10:07 +0200
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Organization: OpenCA
References: <>
Reply-to: madwolf@xxxxxxxxxx
Sender: owner-ietf-pkix@xxxxxxxxxxxx

Peter Gutmann wrote:

> There's another revocation status which needs a way of indicating it which is
> somewhat trickier, I'll bring it up here in case anyone has any ideas:
> Sometimes a cert can be issued in error, what's needed here is a revocation
> reason which says that not only is the cert revoked, it should never be and
> was never valid at any time for any reason.  You can sort of achieve this by

In this case, when will br the entry removed from the CRL ? When the certificate
will be expired ?? Or should it be left in all future CRLs ?

-- 

C'you,

	Massimiliano Pala

--o-------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager]                madwolf@xxxxxxxxxx
                                                     madwolf@xxxxxxxxxxxxxxx
http://www.openca.org                            Tel.:   +39 (0)59  270  094
http://openca.sourceforge.net                    Mobile: +39 (0)347 7222 365

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

References:
- Re: Online Certificate Revocation Protocol
  - From: Peter Gutmann

Prev by Date: SV: Online Certificate Revocation Protocol
Next by Date: Re: Online Certificate Revocation Protocol
Previous by thread: Re: Online Certificate Revocation Protocol
Next by thread: Re: Online Certificate Revocation Protocol
Index(es):
- Date
- Thread