On Sun, Jun 8, 2008 at 5:21 AM, Michael Ströder <[EMAIL PROTECTED]> wrote:
> Andrews, Rick wrote:
>>> That strikes me as a policy that one might describe as "attacker
>>> friendly".
>>> I suggest: revoke first, contact later.
>>>
>>> When you revoke the certs, you're protecting your relying parties, and
>>> you can count on your relying parties to contact the subjects whose
>>> certs have been revoked. :)
>>
>> That's a good question, and I don't know the answer. I'll bring it up
>> with the business folks to decide what we should do.
>
> I fear that your business people will only look at the customers'
> (subscriber) side. But as a relying party I'd want certs for weak
> keys to be revoked in any case.
My thought is that if there's any knowledge that a CA has that a key has
been compromised, the CA can no longer verify the binding of the key to
the subject -- which means that the certification should not exist, and
thus must be revoked.

Then again, I'm something of a 'purist' when it comes to viewing what a
CA's responsibilities are.

How much does it cost the CA to mint a new certificate? How much liability
does the CA assume in the case where a subject's certificate is used by
someone other than the subject through no real fault of the subject's?
(This is one of the reasons why I don't believe it's viable to charge
per-certificate, but rather per-timeperiod.)

-Kyle H

_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto