Paul Hoffman wrote:
At 4:39 PM +0100 10/22/08, Gervase Markham wrote:
Julien R Pierre - Sun Microsystems wrote:
If the root could "revoke itself", in the case of root cert key
compromise, ie. the root cert's private key becoming public, anybody
could then sign revocation information for that root CA - whether to
mark it revoked or unrevoked.
Leaving aside the question of what the standards say for just a moment,
what's wrong with that in principle? If you know a private key has been
compromised, most of the time you still have the key - so why shouldn't
or couldn't it be used to sign its own suicide note?
Quite right. The flip side of this is that if *anyone* other than the person
who generated the key pair has they public key, they *should* sign the suicide
note and distribute it because if they have it, a bad actor could have it as
well.
Yes, they should ... But the big question is how do they actually do
that and get software to take notice of that suicide note ?
I don't think that can really be done without standards.
Updating software with a new root module is a lot simpler. Of course
that process has its own set of security issues as well.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
