Ben Bucksch wrote:
I don't know, but I could in any case send out a (computer-parsable) statement "this cert is invalid from now on", signed by that cert. Then I am no worse as if I never had a cert. This is assuming, of course, that I also still have a copy of the private key somewhere.
I personally don't worry all that much about the compromised key case, because that's something I can prevent (or I am screwed anyways). I can't prevent the problems in the model.
You can't, but CAs can !
If your cert was signed by a CA, and your private key was compromised, you can notify your CA of the key compromise, and they will put the serial number of your certificate on their CRL (Certificate Revocation List).
Also, if they operate an OCSP responder (OCSP is Online Certificate Status Protocol), the responder will state that the cert was revoked to anybody who asks, as well as the reason why.
CRL and OCSP are computer-parsable statements, and they are secure. If there was no CA signature on that computer-parsable statement, then anybody can fake that statement and revoke your self-signed cert !
In other words, if you have a self-signed cert, there is nothing you can do to revoke it in a secure way if the reason was a key compromise, particular, as Ian pointed out, if you lost your own private key and somebody else got ahold of it - for example, if the computer with your private key was stolen, which is surely something you would want to protect against.
It would be of great benefit to you to read the specifications for the existing and secure PKI revocation mechanisms of CRLs and OCSP. There is no need to reinvent the wheel. I won't be answering any more of your messages until you do your due diligence.
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
