On 12/1/09 10:56, Jean-Marc Desperrier wrote:
> Eddy Nigg wrote:
>> [...] No exception can be added for revoked certificates, but for
>> expired ones it's possible - hence it suggests that revocation is more
>> severe than expired (if one can think in those terms). Or how would you
>> explain that?
> As I have already found myself in the situation of really needing to
> override an expired certificate, I beg to differ and find an explanation.
> In the case of revoked certificates, you have positive proof that the CA
> wants that cert to be revoked.
> And in the case of an expired certificate, you have positive proof that
> the CA wants that cert expired.
These are word games. What is the definition of these words? If you
look in the RFCs, likely (I have not, please correct me if I am wrong)
it will defer the precise definition of these two words and their
relationship up to the CPS. Which means they are anything that *each
CA* decides upon.
The end result is quite open in practice. There are some reason codes
for revocation, but they are not necessarily followed. Some people
revoke certs because they are no longer using them, not because they are
compromised in any way. CAs can offer to unrevoke certs by taking them
out of the CRLs. Some CAs apparently offer the "suspended" state...
For some reason, revocation is not the killer-option it is in the
OpenPGP world, where a key signs its own death warrant, and once
released can never be called back.
So we end up with revocation being approximately like expiry. About the
only thing you can say is "the CA doesn't want us to use that cert."
Indeed if you consider the structure of certs over time, revocation has
to be more or less the same as expiry, because the real reason for
expiry is that the CRLs need to be bounded. PKI doesn't need expiry if
it doesn't need revocation. We need revocation therefore we need expiry.
("Need" here means, to make the thing work, as opposed to a useful
user-level feature of choice.)
> In the case of expired certificates, you just don't know. So it leaves
> the possibility that you have out of band information that the key is
> not compromised and that you should be able to access the site.
Perhaps a way to ask this is, when you see a revoked certificate listed
in a CRL, do you have faith in the reason codes? If the reason codes
tell you something mild, can you exclude the possibility of compromise?
Are you going to go through the CPS and the RFCs and figure out where
you stand?
iang
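Added example, not part of this thread or of any CA's software: a toy Python model of the argument above. The names Reason, Cert, ToyCRL, status and demo are hypothetical. The CRL drops expired serials when it is published (which is what keeps it bounded), so an expired cert's revocation history is simply unknown to the relying party, while a revoked cert carries only whatever reason code the CA chose to put there.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from enum import Enum
class Reason(Enum):
    """Subset of RFC 5280 CRLReason codes (values as in the RFC)."""
    unspecified = 0
    keyCompromise = 1
    superseded = 4
    certificateHold = 6  # the "suspended" state some CAs offer

@dataclass
class Cert:
    serial: int
    not_after: datetime

@dataclass
class ToyCRL:
    """Hypothetical CA-side revocation list: serial -> reason code."""
    revoked: dict = field(default_factory=dict)
    def revoke(self, serial, reason=Reason.unspecified):
        self.revoked[serial] = reason
    def unrevoke(self, serial):  # "taking them out of the CRLs"
        self.revoked.pop(serial, None)
    def issue(self, certs, now):
        # Entries the CRL published at `now` carries: expired certs are
        # dropped, which is what keeps the list bounded (RFC 5280 permits it).
        unexpired = {c.serial for c in certs if c.not_after > now}
        return {s: r for s, r in self.revoked.items() if s in unexpired}
def status(cert, crl_entries, now):
    # Relying-party view: a revoked cert carries the CA's reason code (maybe
    # just 'unspecified'); an expired cert is absent from the CRL whether or
    # not it was ever revoked, so its revocation history is unknown.
    if cert.serial in crl_entries:
        return "revoked", crl_entries[cert.serial]
    if cert.not_after <= now:
        return "expired", None
    return "good", None
def demo():
    """Constructed scenario: statuses at CRL issue time and 60 days later."""
    t0 = datetime(2009, 12, 1, tzinfo=timezone.utc)
    certs = [Cert(1, t0 + timedelta(days=30)),    # compromised, expires soon
             Cert(2, t0 + timedelta(days=365)),   # revoked for a "mild" reason
             Cert(3, t0 + timedelta(days=365))]   # suspended, then restored
    crl = ToyCRL()
    crl.revoke(1, Reason.keyCompromise)
    crl.revoke(2, Reason.superseded)
    crl.revoke(3, Reason.certificateHold)
    crl.unrevoke(3)
    later = t0 + timedelta(days=60)
    return ({c.serial: status(c, crl.issue(certs, t0), t0) for c in certs},
            {c.serial: status(c, crl.issue(certs, later), later) for c in certs})
```

After 60 days cert 1 has dropped off the CRL and reports only "expired", even though the CA revoked it for key compromise.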
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto