What he is talking about is making it possible to get a "revocation blob" from the ACME client, for a specific client or certificate. This can then be locked securely inside a safe, or published with a dead-man's switch.

IF anything happens to the certificate, you just take out the securely stored "revocation blob" OR let the dead-man's switch expire, and then you submit the revocation blob (or let another person do it - for example the dead-man's-switch service) to the ACME server, which will then revoke the associated certificate or all certificates under an account, or allow choosing a certificate. The purpose is that this revocation blob should be limited in access such that it can ONLY be used to revoke certificates - and maybe be one-use only, so if you want to revoke another certificate you have to use a fresh unused blob, and thus that blob does not need to be stored super-securely; it can be stored accessibly enough that it can be used in an emergency. The private key of the certificate or account needs to be stored securely enough that nobody else gets it, else the certificate could be misused.

-----Original message-----
From: Salz, Rich <[email protected]>
Sent: 19 June 2020 19:12
To: Matt Palmer <[email protected]>; [email protected]
Subject: Re: [Acme] Revocation via ACME using pre-signed artifact

> That's true if you want to revoke a certificate, but how do you deactivate an account without access to the private key?

I don't think ACME should handle this.

_______________________________________________
Acme mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/acme
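The following is an added example, written for this page in Go; it is not code from the thread, from RFC 8555, or from any ACME client or server. It models the pre-signed, revoke-only, single-use blob described in the message above: the account key signs a small payload at a quiet time, the blob is handed to whoever guards the safe or runs the dead-man's switch, and the server later accepts it from anyone without the private key being present. Assumptions: an Ed25519 account key (real ACME accounts use JWS with RSA or ECDSA), a payload whose `action` field is fixed to `revoke`, a nonce the server remembers so each blob works once, and a constructed byte string standing in for the DER certificate.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// RevocationPayload is what the account key signs ahead of time. Action is
// fixed to "revoke" so the blob authorises nothing else; Nonce is a per-blob
// random value the server records to enforce one-time use.
type RevocationPayload struct {
	Action          string `json:"action"`
	AccountID       string `json:"accountId"`
	CertFingerprint string `json:"certFingerprint"` // hex SHA-256 of the DER certificate
	Nonce           string `json:"nonce"`
}

// RevocationBlob is the serialized payload plus its Ed25519 signature; this
// is the artifact that goes in the safe or to the dead-man's-switch service.
type RevocationBlob struct {
	Payload   []byte `json:"payload"`
	Signature []byte `json:"signature"`
}

// Fingerprint returns the hex SHA-256 of a certificate's DER bytes.
func Fingerprint(der []byte) string {
	sum := sha256.Sum256(der)
	return hex.EncodeToString(sum[:])
}

// MintRevocationBlob is the client side: sign a revoke-only payload with the
// account private key while that key is available. The key itself is never
// part of the blob.
func MintRevocationBlob(priv ed25519.PrivateKey, accountID, certFingerprint string) (RevocationBlob, error) {
	nonce := make([]byte, 16)
	if _, err := rand.Read(nonce); err != nil {
		return RevocationBlob{}, err
	}
	payload, err := json.Marshal(RevocationPayload{
		Action:          "revoke",
		AccountID:       accountID,
		CertFingerprint: certFingerprint,
		Nonce:           hex.EncodeToString(nonce),
	})
	if err != nil {
		return RevocationBlob{}, err
	}
	return RevocationBlob{Payload: payload, Signature: ed25519.Sign(priv, payload)}, nil
}

// RevocationServer models the ACME server side of the proposal (hypothetical).
type RevocationServer struct {
	accountKeys map[string]ed25519.PublicKey // accountID -> registered public key
	usedNonces  map[string]bool              // nonces already consumed
	Revoked     map[string]bool              // certificate fingerprints revoked so far
}

func NewRevocationServer() *RevocationServer {
	return &RevocationServer{
		accountKeys: map[string]ed25519.PublicKey{},
		usedNonces:  map[string]bool{},
		Revoked:     map[string]bool{},
	}
}

func (s *RevocationServer) RegisterAccount(id string, pub ed25519.PublicKey) {
	s.accountKeys[id] = pub
}

// SubmitRevocation accepts a blob from whoever holds it. The signature proves
// the account key holder authorised it, the action check limits it to a
// certificate revocation, and the nonce check makes it single-use.
func (s *RevocationServer) SubmitRevocation(blob RevocationBlob) (string, error) {
	var p RevocationPayload
	if err := json.Unmarshal(blob.Payload, &p); err != nil {
		return "", err
	}
	pub, ok := s.accountKeys[p.AccountID]
	if !ok {
		return "", errors.New("unknown account")
	}
	if !ed25519.Verify(pub, blob.Payload, blob.Signature) {
		return "", errors.New("bad signature")
	}
	if p.Action != "revoke" || p.CertFingerprint == "" {
		return "", errors.New("blob does not authorise a certificate revocation")
	}
	if s.usedNonces[p.Nonce] {
		return "", errors.New("revocation blob already used")
	}
	s.usedNonces[p.Nonce] = true
	s.Revoked[p.CertFingerprint] = true
	return p.CertFingerprint, nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	server := NewRevocationServer()
	server.RegisterAccount("acct-1", pub)

	fp := Fingerprint([]byte("constructed stand-in for a DER certificate"))
	blob, _ := MintRevocationBlob(priv, "acct-1", fp) // done while the key is at hand

	// Later, in an emergency, anyone holding the blob submits it; no private key needed.
	revoked, err := server.SubmitRevocation(blob)
	fmt.Println("revoked:", revoked, "err:", err)
	_, err = server.SubmitRevocation(blob) // second use is rejected
	fmt.Println("second use err:", err)
}
```

Because the server only ever turns a valid blob into one revocation of the named certificate, the worst a leaked blob can cause is that single unwanted revocation, which is why it can live somewhere more reachable than the private key. Anything that is not a `revoke` action, including the account-deactivation case raised in the quoted reply, is rejected by construction, and a blob signed by a key other than the registered account key never verifies.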
