CDR: Re: Public Key Infrastructure: An Artifact...
Mark Scherling
mscherling at xcert.com
Thu Nov 23 09:24:51 PST 2000
I would like to get further information as to why you don't think revocation does
not work? I'll admit that in the case of the revocation of Sun's certificates, it
was very apparent that the notification process was weak. The other piece, the
browser checking of expired/revoked certificates is non-existent but if you properly
set up your application, it "should" check the revocation status of both the CA
certificate and the subscriber's certificate.
Your thoughts?
Bram Cohen wrote:
> On Wed, 22 Nov 2000 Lynn.Wheeler at firstdata.com wrote:
>
> > the other scenerio that some certification agencies have expressed (i.e.
> > licensing bureaus, bbb, consumer report, etc operations) is that in the online
> > world ... that they would provide an online service .... rather than
> > certificates designed for an offline world.
>
> Yes, it seems fairly well established that revocations just plain don't
> work.
>
> Once again, the solution to the problems of offline operation appears to
> be online operation.
>
> -Bram Cohen
>
> For help on using this list (especially unsubscribing), send a message to
> "dcsb-request at reservoir.com" with one line of text: "help".
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mscherling.vcf
Type: text/x-vcard
Size: 223 bytes
Desc: Card for Mark Scherling
URL: <https://lists.cpunks.org/pipermail/cypherpunks-legacy/attachments/20001123/b6eb5033/attachment.vcf>
More information about the cypherpunks-legacy
mailing list