I think you're trying to assume something that cannot be assumed: you
assume that ALL unexpired CRLs are considered.  This is not the case.
As Dominiqué said, only the CRL that has the latest signature time is
considered.  This is evident in the name of the file type: Certificate
Revocation *List*.

It is legal to issue a CRL that revokes a certificate (possibly with
a type of "onhold", for V3 CRLs) with an expiration time of 2 years
in the future, and the next hour to remove the revocation status.
If all simultaneously-valid CRLs are considered, then the intended
consequence of "unrevoking" the certificate would be impossible.

This is why the CRL must contain the *complete* list of *all* revoked
certificates which have not yet expired.

There is a PKIX extension, "delta CRLs", which defines for V3 CRLs a
way to allow for adding to the list of the most-recently-issued full
CRL.  In order to support unrevocation, there is a special status type
(called "remove_from_crl") for the delta CRL which is to be
interpreted as removing the certificate from the revocation list;
however, in a full V3 CRL, that status type is illegal.  And in V2
CRLs (the default, since many implementations do not handle V3 CRLs)
there is no means of specifying the extension that contains a status
type regardless.

This is specified in PKIX (currently RFC 5280); in order to maintain
standards-conformance OpenSSL cannot change this behavior.  (Nor can
it even offer an option to change it, since its job is to maintain
security-system interoperability, not capriciously make it less
secure.)

-Kyle H
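The two rules argued above, that only the most recently issued valid CRL is authoritative (so a later CRL can release a certificate that an earlier, still-unexpired CRL listed), and that a delta CRL's removeFromCRL entry takes a held certificate off the base list, modelled in Python as an added example. This is not code from the thread or from OpenSSL; the CRL class, the issuer name, the timeline and the serial numbers 48 and 49 are constructed for illustration, and the CRLReason values are the standard ones from RFC 5280 section 5.3.1.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List, Optional

# CRLReason values from RFC 5280 section 5.3.1
CERTIFICATE_HOLD = 6
REMOVE_FROM_CRL = 8   # legal only in delta CRLs, never in a complete CRL


@dataclass
class CRL:
    """Minimal model of a CRL (constructed for this example)."""
    issuer: str
    crl_number: int
    this_update: datetime                   # issuance time
    next_update: datetime                   # expiry of this CRL
    entries: Dict[int, Optional[int]]       # serial -> CRLReason (None if no reason extension)
    is_delta: bool = False
    base_crl_number: Optional[int] = None   # BaseCRLNumber extension, delta CRLs only


def valid_full_crls(crls: List[CRL], issuer: str, now: datetime) -> List[CRL]:
    """Complete (non-delta) CRLs from `issuer` whose validity window contains `now`."""
    return [c for c in crls
            if c.issuer == issuer and not c.is_delta
            and c.this_update <= now < c.next_update]


def select_latest(crls: List[CRL], issuer: str, now: datetime) -> Optional[CRL]:
    """The rule from the thread: the single authoritative CRL is the most
    recently issued valid one; crlNumber breaks ties on thisUpdate."""
    candidates = valid_full_crls(crls, issuer, now)
    if not candidates:
        return None
    return max(candidates, key=lambda c: (c.this_update, c.crl_number))


def revoked_latest(crls: List[CRL], issuer: str, serial: int, now: datetime) -> bool:
    """Revocation status under latest-CRL semantics."""
    crl = select_latest(crls, issuer, now)
    if crl is None:
        raise LookupError("no currently valid CRL for issuer %s" % issuer)
    return serial in crl.entries


def revoked_union(crls: List[CRL], issuer: str, serial: int, now: datetime) -> bool:
    """The semantics the original poster expected: any unexpired CRL counts.
    Under this rule a certificate can never be released from hold."""
    return any(serial in c.entries for c in valid_full_crls(crls, issuer, now))


def apply_delta(base: CRL, delta: CRL) -> CRL:
    """Combine a complete CRL with a delta CRL (RFC 5280 section 5.2.4):
    entries are added or updated, and an entry whose reason is
    removeFromCRL releases a certificate that was on hold."""
    if not delta.is_delta or delta.issuer != base.issuer:
        raise ValueError("not a delta CRL from the same issuer")
    if delta.base_crl_number is None or base.crl_number < delta.base_crl_number:
        raise ValueError("delta CRL is not applicable to this base CRL")
    merged = dict(base.entries)
    for serial, reason in delta.entries.items():
        if reason == REMOVE_FROM_CRL:
            merged.pop(serial, None)
        else:
            merged[serial] = reason
    return CRL(base.issuer, delta.crl_number, delta.this_update, delta.next_update, merged)


def scenario() -> dict:
    """Constructed timeline: serial 48 is put on hold by CRL #1 (valid for two
    years), then released one hour later by CRL #2 with an empty list."""
    issuer = "CA X"
    t0 = datetime(2009, 1, 28, 17, 0)
    two_years = timedelta(days=730)
    hold_48 = CRL(issuer, 1, t0, t0 + two_years, {48: CERTIFICATE_HOLD})
    released = CRL(issuer, 2, t0 + timedelta(hours=1),
                   t0 + two_years + timedelta(hours=1), {})
    crls = [hold_48, released]
    now = t0 + timedelta(hours=2)

    # Delta CRLs relative to CRL #2: first put serial 49 on hold, then release it.
    delta_hold_49 = CRL(issuer, 3, t0 + timedelta(hours=3), t0 + timedelta(days=1),
                        {49: CERTIFICATE_HOLD}, is_delta=True, base_crl_number=2)
    delta_release_49 = CRL(issuer, 4, t0 + timedelta(hours=4), t0 + timedelta(days=1),
                           {49: REMOVE_FROM_CRL}, is_delta=True, base_crl_number=2)
    after_hold = apply_delta(released, delta_hold_49)
    after_release = apply_delta(after_hold, delta_release_49)

    return {
        "selected_crl_number": select_latest(crls, issuer, now).crl_number,
        "48_revoked_latest": revoked_latest(crls, issuer, 48, now),
        "48_revoked_union": revoked_union(crls, issuer, 48, now),
        "49_after_delta_hold": 49 in after_hold.entries,
        "49_after_delta_release": 49 in after_release.entries,
    }


if __name__ == "__main__":
    for key, value in scenario().items():
        print(key, value)
```

Under latest-CRL semantics serial 48 is clear once CRL #2 is issued, while the union rule keeps reporting it revoked for the full two years of CRL #1, which is exactly the "unrevoking would be impossible" point made above. The delta merge shows why removeFromCRL only makes sense as a delta entry: it is an instruction to edit the base list, not a revocation status of its own.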

2009/1/29 Giang Nguyen <cau...@hotmail.com>:
>> > I was under the impression that openssl allows loading multiple CRLs
>> > for the same issuer. But, this does not seem to be the case as is
>> > proved by using "openssl verify".
>> >
>> > $ ls -l ./ca/
>> > total 24
>> > lrwxrwxrwx 1 pshah users 10 Jan 28 21:56 ba4bb3b6.0 ->
>> > cacert.pem -----> the CA cert
>> > lrwxrwxrwx 1 pshah users 14 Jan 28 21:56 ba4bb3b6.r0 ->
>> > revoked_48.pem ----> revokes only cert48.pem
>> > lrwxrwxrwx 1 pshah users 14 Jan 28 21:56 ba4bb3b6.r1 ->
>> > revoked_49.pem -----> revokes only cert49.pem
>> > -rw-r--r-- 1 pshah users 1233 Jan 28 17:09 cacert.pem
>> > -rw-r--r-- 1 pshah users 560 Jan 28 17:10 revoked_48.pem
>> > -rw-r--r-- 1 pshah users 560 Jan 28 17:10 revoked_49.pem
>> >
>> > $ openssl verify -CApath ./ca/ -crl_check -verbose cert49.pem
>> > cert49.pem: OK
>> >
>> > $ openssl verify -CApath ./ca/ -crl_check -verbose cert48.pem
>> > cert48.pem: /C=--/ST=California/L=San Francisco/O=Riverbed Technology,
>> > Inc./OU=Steelhead/CN=hw1-sh18/emailaddress=fakeem...@example.com
>> > error 23 at 0 depth lookup:certificate revoked
>> > 29615:error:0B07D065:x509 certificate routines:X509_STORE_add_crl:cert
>> > already in hash table:x509_lu.c:418:
>> >
>> A CRL (Certificate revocation list) is the list of ALL the revoked
>> certificates at the time it is issued
>> So if at time t1 a certificate 48 is revoked
>> then all the subsequent CRLs MUST indicate the certificate 48 as
>> revoked
>>
>> If later at time t2 the certificate 49 is revoked
>> then all the subsequent CRLs MUST indicate that both certificate 48 and
>> certificate 49 are revoked
>>
>> Thus only the last CRL has to be considered. Since the delivery times of
>> the CRLs are close together
>> it is not easy to check in the example which is the last CRL
>
> i think you misunderstood the question.
> the issue at hand is not about "older" and "latest" copies of a particular 
> (certificate revocation) list, but it is about two *distinct* simultaneously 
> valid and active (certificate revocation) lists that are issued/maintained by 
> the same issuer.
>
> http://tools.ietf.org/html/rfc5280#section-5
>
>    Each CRL has a particular scope.  The CRL scope is the set of
>    certificates that could appear on a given CRL.  For example, the
>    scope could be "all certificates issued by CA X", "all CA
>    certificates issued by CA X", "all certificates issued by CA X that
>    have been revoked for reasons of key compromise and CA compromise",
>    or a set of certificates based on arbitrary local information, such
>    as "all certificates issued to the NIST employees located in
>    Boulder".
>
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
