[All Lists] [By Thread] [By Date] [Previous] [Next]

From: R. Halevi
Subject: Can certificates be revoked?
Date: 11 Tevet 5782

new information casts doubt

This is where it becomes uncomfortable.

If we revoke because the subject's key was compromised, we are protecting the integrity of the system. The procedure happened, but the cryptographic binding is no longer secure.

If we revoke because we question the original attestation, we are saying something different. We are saying: we signed, but perhaps we should not have. The procedure occurred, but we withdraw our endorsement.

These are not the same. Should they use the same mechanism?

—Dov Halevi

Thread:

• Re: Can certificates be revoked?, R. Nachmani (9 Tevet 5782)
• Re: Can certificates be revoked?, R. Halevi (9 Tevet 5782)
• Re: Can certificates be revoked?, R. Kovacs (11 Tevet 5782)
• Re: Can certificates be revoked?, Ben-Ari (10 Tevet 5782)
• Re: Can certificates be revoked?, R. Halevi (11 Tevet 5782)
• Re: Can certificates be revoked?, R. Nachmani (11 Tevet 5782)

[Previous] [Next]