Gervase,
Gervase Markham wrote:
Julien R Pierre - Sun Microsystems wrote:
If the root could "revoke itself", in the case of root cert key
compromise, ie. the root cert's private key becoming public, anybody
could then sign revocation information for that root CA - whether to
mark it revoked or unrevoked.
Leaving aside the question of what the standards say for just a moment,
what's wrong with that in principle? If you know a private key has been
compromised, most of the time you still have the key - so why shouldn't
or couldn't it be used to sign its own suicide note?
I don't think we can really leave the standards out of it. One of the
main problems is how a client is going to read the suicide note. Not
everybody is at the scene of the crime to read it.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
