Re: Online Certificate Revocation Protocol

Marc Branchaud <marcnarc@rsasecurity.com> Mon, 11 June 2001 21:35 UTC

Message-ID: <3B252C6A.E80049D9@rsasecurity.com>
Date: Mon, 11 Jun 2001 13:39:06 -0700
From: Marc Branchaud <marcnarc@rsasecurity.com>
Organization: RSA Security
X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.2.18 i686)
X-Accept-Language: en, fr
MIME-Version: 1.0
To: ietf-pkix@imc.org
Subject: Re: Online Certificate Revocation Protocol
References: <8D7EC1912E25D411A32100D0B76953978DF4C9@scygmxs01.cygnacom.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-pkix@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-ID: <ietf-pkix.imc.org>
List-Unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>


Two replies in one...
Santosh Chokhani wrote:
> 
> Revocation of a public key certificate whose companion key has been
> destroyed is a BAD idea.
>
> For example, if the subject of the key is a CA, revocation of that
> public key certificate could cause denial of service for all the
> certificates issued by that CA.  There is nothing wrong with the
> certificates.

Just because the revocation mechanisms aren't up to the task is a poor reason
to not take the precaution.


Santosh Chokhani wrote:
> 
> Again, it is trust issue.  I have a very simple point.  If you trust
> the holder of private key, you do NOT revoke a certificate.  If you
> do not trust the holder of private key, you probably want to do
> something whether the key was destroyed or not.

Trusting the holder is not enough.  The holder may consider the key destroyed
because it's beyond his ability to recover, but that doesn't mean that it
can't be recovered by someone else.  Such recovery is less likely to be
noticed with an unused key.

The safe course is to revoke.  To do otherwise has security implications.

		Marc