On 18/2/09 23:05, Frank Hecker wrote:
Paul Hoffman wrote:
A Mozilla policy that says "we allow trust anchors for which we cannot
do revocation checking" seems wrong.
Well, yes, but as Eddy pointed out for the past 10+ years we've had a
policy that basically amounted to the same thing, at least from the
point of view of the typical user -- yes, we supported manual
configuration and loading of CRLs, but the number of people who did that
(or who understood what it meant to do it) was likely extremely small.
I would definately agree with those remarks, both.
Revocation is a bit of a paper tiger, as even when it works perfectly,
it doesn't solve the real problem, just makes us think it is solved. So
it makes no sense to be dogmatic about it, far better to be relaxed but
a little firm with it. Moving towards a fully deployed revocation
capability makes sense, but it is also something that should be done
carefully, step by step.
(Not to comment on the current case at all.)
Having said that, it is true that we are taking revocation more
seriously nowadays (and rightly so, in my opinion).
I certainly agree that we should plug away at it.
iang
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
