Public Key Infrastructure: An Artifact...
Tue Dec 10 11:45:29 PST 2019
I would like to get further information as to why you don't think revocation
does
not work? I'll admit that in the case of the revocation of Sun's certificates,
it
was very apparent that the notification process was weak. The other piece, the
browser checking of expired/revoked certificates is non-existent but if you
properly
set up your application, it "should" check the revocation status of both the CA
certificate and the subscriber's certificate.
Your thoughts?
Bram Cohen wrote:
> On Wed, 22 Nov 2000 Lynn.Wheeler at firstdata.com wrote:
>
> > the other scenerio that some certification agencies have expressed (i.e.
> > licensing bureaus, bbb, consumer report, etc operations) is that in the
online
> > world ... that they would provide an online service .... rather than
> > certificates designed for an offline world.
>
> Yes, it seems fairly well established that revocations just plain don't
> work.
>
> Once again, the solution to the problems of offline operation appears to
> be online operation.
>
> -Bram Cohen
>
> For help on using this list (especially unsubscribing), send a message to
> "dcsb-request at reservoir.com" with one line of text: "help".
More information about the cypherpunks-legacy
mailing list