IETF Logo Mail Archive

RE: Online Certificate Revocation Protocol

"Paul Gogarty" <p.gogarty@mail.com> Tue, 12 June 2001 16:15 UTC

Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA18459 for <pkix-archive@odin.ietf.org>; Tue, 12 Jun 2001 12:15:14 -0400 (EDT)
Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.3/8.11.3) id f5CF5mN29170 for ietf-pkix-bks; Tue, 12 Jun 2001 08:05:48 -0700 (PDT)
Received: from mail1.svr.pol.co.uk (mail1.svr.pol.co.uk [195.92.193.18]) by above.proper.com (8.11.3/8.11.3) with ESMTP id f5CF5jJ29163 for <ietf-pkix@imc.org>; Tue, 12 Jun 2001 08:05:46 -0700 (PDT)
Received: from modem-660.owl.dialup.pol.co.uk ([62.137.102.148] helo=lasvegas) by mail1.svr.pol.co.uk with smtp (Exim 3.13 #0) id 159pjl-0001Sz-00 for ietf-pkix@imc.org; Tue, 12 Jun 2001 16:05:45 +0100
From: Paul Gogarty <p.gogarty@mail.com>
To: Ietf-Pkix <ietf-pkix@imc.org>
Subject: RE: Online Certificate Revocation Protocol
Date: Tue, 12 Jun 2001 16:10:32 +0100
Message-ID: <NFBBJAOOOMJKKHJADDNKKEEFCAAA.p.gogarty@mail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300
Sender: owner-ietf-pkix@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-ID: <ietf-pkix.imc.org>
List-Unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
List-ID: <ietf-pkix.imc.org>
Content-Transfer-Encoding: 7bit

In cases where keys are destroyed before their revocation date would it not
make more sense to place the certificate on hold (use a combination of
'Reason Code' and 'Hold Instruction Code' CRL entry extensions).

This allows the certificate to validate as part of a certification path or
for signature verification, but provides a date after which signatures from
the certificate should not be trusted and the encryption key should not be
used.

	Paul Gogarty
	ASN.1 Developer

	De La Rue InterClear Ltd.
	De La Rue House
	Jays Close
	Viables
	Basingstoke
	England
	RG22 4BS

	Fax: +44 (0)1256 487755
	Tel: +44 (0)7879 458416
	mailto:paul.gogarty@interclear.co.uk

	http://www.interclear.co.uk/

v2.23.0 | Report a Bug | By Email