Re: Identifying revoked certificates
Jon Callas <jon@callas.org> Thu, 06 September 2001 21:57 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA09885 for <openpgp-archive@odin.ietf.org>; Thu, 6 Sep 2001 17:57:46 -0400 (EDT)
Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id f86Lj0315527 for ietf-openpgp-bks; Thu, 6 Sep 2001 14:45:00 -0700 (PDT)
Received: from merrymeet.com (merrymeet.com [63.73.97.162]) by above.proper.com (8.11.6/8.11.3) with ESMTP id f86LixD15523 for <ietf-openpgp@imc.org>; Thu, 6 Sep 2001 14:44:59 -0700 (PDT)
Received: from [192.168.1.180] (64.69.113.115) by merrymeet.com with ESMTP (Eudora Internet Mail Server 3.0.3); Thu, 6 Sep 2001 14:44:57 -0700
Mime-Version: 1.0
X-Sender: jon@merrymeet.com
Message-Id: <p05100330b7bd9c51106e@[192.168.1.180]>
In-Reply-To: <002301c13717$dd93a1e0$e4c22609@transarc.ibm.com>
References: <p05100309b7baf2e20a43@[192.168.1.180]> <010901c135ad$a7233000$fac32609@transarc.ibm.com> <p05100325b7bd794fd6a4@[192.168.1.180]> <20010906154624.C750@akamai.com> <002301c13717$dd93a1e0$e4c22609@transarc.ibm.com>
Date: Thu, 06 Sep 2001 14:38:46 -0700
To: Michael Young <mwy-opgp97@the-youngs.org>, ietf-openpgp@imc.org
From: Jon Callas <jon@callas.org>
Subject: Re: Identifying revoked certificates
Content-Type: text/plain; charset="us-ascii"
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
At 5:06 PM -0400 9/6/01, Michael Young wrote: > Although the current packet ordering rules don't address certificate > revocation, I'd suggest that a prudent ordering would put each after > its target. This would an even stronger hint. I note that neither > PGP6.5 nor GnuPG produces this ordering. At first glance, it appears > that they use order of arrival. [Just the same, would anyone object > to suggesting this ordering in section 10?] > Yes. A change to the standard that requires all the implementations to change is not desirable. I don't see what good it does for them other than, "You'll thank me for this later." Telling them how to write their programs adds complexity, and complexity lessens security. Jon
- Fixing the secret keys, and a small apology Jon Callas
- Re: Fixing the secret keys, and a small apology Michael Young
- Identifying revoked certificates Michael Young
- Re: Fixing the secret keys, and a small apology Florian Weimer
- Re: Fixing the secret keys, and a small apology Werner Koch
- Re: Fixing the secret keys, and a small apology Michael Young
- Re: Fixing the secret keys, and a small apology Michael Young
- Re: Fixing the secret keys, and a small apology Werner Koch
- Re: Fixing the secret keys, and a small apology Jon Callas
- Re: Identifying revoked certificates Jon Callas
- Re: Identifying revoked certificates David Shaw
- Re: Identifying revoked certificates Michael Young
- Re: Identifying revoked certificates Jon Callas
- Re: Identifying revoked certificates Jon Callas
- Re: Identifying revoked certificates Michael Young
- Re: Identifying revoked certificates Werner Koch
- Re: Identifying revoked certificates Michael Young
- Re: Identifying revoked certificates Werner Koch