> >   - U1, U2, U3 are end-user certificates, issued by CA1
> >   - U1 is revoked, and the CRL is published (let's call it CRLg1)
> 
> The problem here is that you can't trust a CRL when its 
> signature key is compromised.

I think that this is not the reason.

If a signature key is compromised but used to revoke "itself":

it can be a genuine, authentic revocation (e.g. as a reaction
to the compromise) and it should be accepted as a revocation,
-- or --
it can be a forged revocation by a malicious entity, made
possible because of the compromise, and in the case of a proven
compromise, permanent revocation seems very reasonable,
doesn't it?

oki,

Steffen

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org