<[email protected]> writes: >Another wrinkle, at least as a logic problem, would be whether you can revoke >the signing cert for a CRL and what, exactly, would that mean
That's actually a known problem (at least to PKI people). So what you're really asking is whether a self-signed root cert can revoke itself, since a lower-level cert can always be revoked by a higher-level one: The handling of CA root certificates is particularly problematic because there's no effective way to replace or revoke them. Consider what would be required to revoke a CA root certificate. These are self-signed, which means that the certificate would be revoking itself. In the presence of such a revocation applications can react in one of three ways: they can accept the CRL that revokes the certificate as valid and revoke it, they can reject the CRL as invalid because it was signed by a revoked certificate, or they can crash (and some applications will indeed crash in this situation). Since revocation of a self-signed certificate is the PKI version of Epimenedes paradox "All Cretans are liars" and PKI applications are unlikely to be coded to deal with self-referential paradoxes, crashing is a perfectly valid response. >--dan, quite possibly in a rat hole No, not really, the PKI folks have it sorted out: Ostrich algorithm, like many other known paradoxes and problems created by the standards Peter. _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
