Frank Balluffi wrote:
>
> I can imagine a scenario whereby an organization might choose to sign a
> death notice before going out of business. For example, suppose a
> commercial CA decided to go out of business, there might be benefits to
> their signing a CRL including their root certificate.
The question is:
Has the CA issued certs and are they valid at the point of the
revokation
of the CA cert ?
Who maintains these certs ?
At least in Germany a public CA that goes out of bussines has to
find another CA that maintains the valid issued certificates.
And this new CA has a CRL, where it can publish the revokation
of the old root cert of the old CA.
By
Goetz
--
Goetz Babin-Ebell, TC TrustCenter GmbH, http://www.trustcenter.de
Sonninstr. 24-28, 20097 Hamburg, Germany
Tel.: +49-(0)40 80 80 26 -0, Fax: +49-(0)40 80 80 26 -126
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]