[Acme] Revocation: why not cert serial number?

Yaron Sheffer <yaronf.ietf@gmail.com> Fri, 24 July 2015 20:02 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/acme/Wkg0eWX5Y1cKltWHdqYzPATvwe8>
List-Id: Automated Certificate Management Environment <acme.ietf.org>

The title says it all. People have been using serial numbers for ages to identify the cert (and yes, we all know the problems with revocation). Why not keep it like that?

Thanks,
    Yaron