[cryptography] How are expired code-signing certs revoked?
pgut001 at cs.auckland.ac.nz
Thu Dec 8 17:02:01 EST 2011
"mheyman at gmail.com" <mheyman at gmail.com> writes:
>In a CRL that contains an element that revokes the CRL signing certificate,
>only that element can be assumed to be correct. All other list elements are
Uhh, read my original text again. This is your personal opinion. Ask a bunch
of PKI people, or look at what real applications do, and you'll get any one of
the three interpretations I described. The fact that you think this doesn't
mean that anything actually does it.
More information about the cryptography