[cryptography] How are expired code-signing certs revoked?

Peter Gutmann pgut001 at cs.auckland.ac.nz
Wed Dec 7 16:32:06 EST 2011


<dan at geer.org> writes:

>Another wrinkle, at least as a logic problem, would be whether you can revoke
>the signing cert for a CRL and what, exactly, would that mean

That's actually a known problem (at least to PKI people).  So what you're
really asking is whether a self-signed root cert can revoke itself, since a
lower-level cert can always be revoked by a higher-level one:

  The handling of CA root certificates is particularly problematic because
  there's no effective way to replace or revoke them.  Consider what would be
  required to revoke a CA root certificate.  These are self-signed, which
  means that the certificate would be revoking itself.  In the presence of
  such a revocation applications can react in one of three ways: they can
  accept the CRL that revokes the certificate as valid and revoke it, they can
  reject the CRL as invalid because it was signed by a revoked certificate, or
  they can crash (and some applications will indeed crash in this situation).
  Since revocation of a self-signed certificate is the PKI version of
  Epimenides paradox "All Cretans are liars" and PKI applications are unlikely
  to be coded to deal with self-referential paradoxes, crashing is a perfectly
  valid response.

>--dan, quite possibly in a rat hole

No, not really, the PKI folks have it sorted out: Ostrich algorithm, like many
other known paradoxes and problems created by the standards.

Peter.
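The three reactions quoted above (accept the CRL, reject it, or crash) are a choice the validating application has to make explicitly. As an added illustration, not code from this post or from any PKI library, here is a minimal Python model of CRL checking that detects the self-signed-root case and fails closed with a defined result; the Cert/Crl structures, CA names and serial numbers are constructed for the example, and signature verification of the CRL is assumed to have happened elsewhere.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    serial: int

@dataclass(frozen=True)
class Crl:
    signer: Cert        # certificate whose key signed the CRL (signature assumed verified)
    revoked: frozenset  # serials the CRL lists as revoked

def crl_revokes_its_signer(crl):
    # A CRL lists certs issued by its signer, so the signer's own serial can only
    # appear when the signer is self-signed (issuer == subject): the root case.
    return crl.signer.issuer == crl.signer.subject and crl.signer.serial in crl.revoked

def check_revocation(cert, crl):
    """'valid', 'revoked', or 'untrusted-crl' for `cert` against its issuer's CRL."""
    if crl.signer.subject != cert.issuer:
        raise ValueError("CRL was not issued by this certificate's issuer")
    if crl_revokes_its_signer(crl):
        # Self-referential case from the post: return a distinct, defined status
        # rather than trusting the CRL, discarding it, or crashing.
        return "untrusted-crl"
    return "revoked" if cert.serial in crl.revoked else "valid"

def validate_chain(chain, crls):
    """chain: leaf first, self-signed root last; crls: {issuer name: Crl}.
    Fails closed: a missing or self-revoking CRL rejects the chain."""
    for cert in chain:
        crl = crls.get(cert.issuer)
        if crl is None:
            return False, f"no CRL available for {cert.issuer}"
        status = check_revocation(cert, crl)
        if status == "untrusted-crl":
            return False, f"CRL from {crl.signer.subject} revokes its own signer"
        if status == "revoked":
            return False, f"{cert.subject} revoked by {crl.signer.subject}"
    return True, "ok"

# Constructed sample hierarchy (not from the post): root -> intermediate -> leaf.
ROOT = Cert("Root CA", "Root CA", 1)
INTER = Cert("Intermediate CA", "Root CA", 2)
LEAF = Cert("example.test", "Intermediate CA", 3)
CHAIN = [LEAF, INTER, ROOT]
```

The intermediate is revoked by the root's CRL in the ordinary way, while a root CRL that lists the root's own serial produces a separate "untrusted-crl" outcome so the chain is rejected deterministically instead of the application guessing or crashing.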



