IETF Logo Mail Archive

RE: Online Certificate Revocation Protocol

Santosh Chokhani <chokhani@cygnacom.com> Sat, 09 June 2001 14:17 UTC

Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with SMTP id KAA14872 for <pkix-archive@odin.ietf.org>; Sat, 9 Jun 2001 10:17:24 -0400 (EDT)
Received: by above.proper.com (8.9.3/8.9.3) id GAA10888 for ietf-pkix-bks; Sat, 9 Jun 2001 06:42:29 -0700 (PDT)
Received: from SOTTMXS01.entrust.com (gatekeeper.entrust.com [204.101.128.170]) by above.proper.com (8.9.3/8.9.3) with ESMTP id GAA10883 for <ietf-pkix@imc.org>; Sat, 9 Jun 2001 06:42:23 -0700 (PDT)
Received: by SOTTMXS01.entrust.com with Internet Mail Service (5.5.2650.21) id <MSW04AQG>; Sat, 9 Jun 2001 09:41:55 -0400
Message-ID: <8D7EC1912E25D411A32100D0B76953978DF474@scygmxs01.cygnacom.com>
From: Santosh Chokhani <chokhani@cygnacom.com>
To: Marc Branchaud <marcnarc@rsasecurity.com>, ietf-pkix@imc.org
Subject: RE: Online Certificate Revocation Protocol
Date: Sat, 09 Jun 2001 09:31:58 -0400
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2650.21)
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C0F0E8.8EBACE60"
Sender: owner-ietf-pkix@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-ID: <ietf-pkix.imc.org>
List-Unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
List-ID: <ietf-pkix.imc.org>

You could revoke, but there is no compelling security reason just because
the key is destroyed regardless of the sensitivity of the subject component
or the application.

Now, if some other foul play is suspected as part of the destruction event,
that is another matter.

-----Original Message-----
From: Marc Branchaud [mailto:marcnarc@rsasecurity.com]
Sent: Friday, June 08, 2001 8:30 PM
To: ietf-pkix@imc.org
Subject: Re: Online Certificate Revocation Protocol



Santosh Chokhani wrote:
> 
> Destroying a private key used to generate signature may cause some
> operational grief in terms of getting a new key certified, but there is no
> need for that key any more and hence no revocation is needed.
> 

Except that "destruction" is not necessarily irrecoverable.  I would always
revoke, as a general rule, especially for highly sensitive (e.g. CA) keys.

		Marc

v2.23.0 | Report a Bug | By Email