On 01/09/2009 10:20 PM, Julien R Pierre - Sun Microsystems:
Well, we'll just have to agree to disagree :) IMO revocation really doesn't matter if you already know the certificate is invalid at the time you are checking it. It's like trying to check a dead person's pulse.
Then there isn't perhaps much logic in disallowing any override capability for revocations, whereas expiration can be overridden via exception. No exception can be added for revoked certificates, but for expired ones it's possible - hence it suggests that revocation is more severe than expired (if one can think in those terms). Or how would you explain that?
-- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: start...@startcom.org Blog: https://blog.startcom.org _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
