[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

when can an entry not appear on a CRL?

To: ietf-pkix@xxxxxxx
Subject: when can an entry not appear on a CRL?
From: Mary_Ellen_Zurko@xxxxxxxx
Date: Mon, 14 Dec 1998 16:16:44 -0500
Cc: Mary_Ellen_Zurko@xxxxxxxx
Sender: owner-ietf-pkix@xxxxxxx

And while I'm airing my confusions about revocation, I have another.
Section 3.3 states:
" An entry may be removed from
   the CRL after appearing on one regularly scheduled CRL issued beyond
   the revoked certificate's validity period."
This seems to be there to ensure that a revoked cert actually appears on
some regularly scheduled CRL, which seems sensible. The text is silent
on what to do for an on-demand CRL. It seems that no entries that are on
the "current" scheduled CRL should be removed from any on-demand
CRLs, as that would mean applications who picked up the on-demand
CRL but not the regularly scheduled one would miss the event. Does
that seem sensible? Does it cover the motivation of that statement?
     Mez

Follow-Ups:
- Re: when can an entry not appear on a CRL?
  - From: Juergen Walter
- Re: when can an entry not appear on a CRL?
  - From: Al Arsenault

Prev by Date: Re: Invalidity Dates
Next by Date: Re: Invalidity Dates
Previous by thread: RE: OCSP & PKIX In General
Next by thread: Re: when can an entry not appear on a CRL?
Index(es):
- Date
- Thread