>> That would just leave us wanting a way to also revoke certs that might >> have been issued to an illegitimate key. But given the lag that OCSP >> has, it might be reasonable to just auto-kill those too, since with >> reasonable automation even a 'normal' key roll-over can probably get >> new certs deployed before OCSP starts flagging old ones as revoked. > I don't think authorizing under a new account key should revoke old > certs. I think in general we want revocation to be an intentional > action, or we risk people accidentally taking their own site down.
this is an old problem. from loss of private keys (yes, one is inclined to mis-cite darwin) to people creating bogus pgp credentials with my email address. i am not aware of a simple reliable in-band solution. the examples i know rely on out of band proof of identity. oob revocation authentication usually has scaling issues. randy _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
