Bodo Moeller wrote:
>
> Peter Gutmann <[EMAIL PROTECTED]>:
> > Mats Nilsson <[EMAIL PROTECTED]>:
>
> >> Should a self-signed root certificate ever need to be revoked, shall it list
> >> itself in its usual CRL(s), as the last thing it does before it is thrown
> >> away, or is it sufficient (from its users' standpoint) that it simply ceases
> >> to issue more CRLs?
>
> > Noone knows (and I don't just mean that as a shoulder-shrug response, I mean
> > that noone, at least on the PKIX list, actually knows what's supposed to happen
> > in this situation). The behaviour from current apps is that some will accept a
> > self-revocation, some will reject it, and a small number will crash or fail in
> > some other way.
>
> I like the idea of having the application crash in such a situation:
> Obviously the application developers noticed the similarity to the
> Epimenides paradoxon [1] and did not see any other way out except having
> the program vanish in a puff of logic.
Eh? Surely if a cert revokes itself then one of two things has happened:
a) The legitimate owner revoked it
b) Someone else got hold of the private key and revoked it
in either case, you want the cert to be revoked, right?
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]