[tor-dev] proposal 240: Early signing key revocation for directory authorities.

Nick Mathewson nickm at alum.mit.edu
Sun Jan 11 18:24:03 UTC 2015


On Sun, Jan 11, 2015 at 6:33 AM, Ian Goldberg <iang at cs.uwaterloo.ca> wrote:
> On Sat, Jan 10, 2015 at 03:46:32PM -0500, Nick Mathewson wrote:
>> 5. Circular revocation
>>
>>    My first attempt at writing a proposal here included a lengthy
>>    section about how to handle cases where certificate A revokes the key
>>    of certificate B, and certificate B revokes the key of certificate A.
>>
>>    Instead, I am inclined to say that this is a MUST NOT.
>
> You still have to tell clients what to do if they see that situation.
>
> A little while back, agl and I were discussing X.509 revocation, and we
> came to the tentative conclusion that by allowing for the recovation of
> certificates that revoke other certificates, and multiple signatures on
> certificates, determining whether a certificate was valid could actually
> be formally incomputable in general.

Hm.  What do you think of Peter's idea for "newer revokes older" then?


More information about the tor-dev mailing list