[cryptography] How are expired code-signing certs revoked?
iang at iang.org
Sat Dec 10 09:10:36 EST 2011
On 8/12/11 09:55 AM, Jon Callas wrote:
> On 7 Dec, 2011, at 11:34 AM, ianG wrote:
>> Right, but it's getting closer to the truth. Here is the missing link.
>> Revocation's purpose is one and only one thing: to backstop the liability to the CA.
> I understand what you're saying, but I don't agree.
Sure. One way to look at this is the pure scientific way. Several
theories have been proposed. Which best explains the state of the world?
I.e., my theory explains why we're having this conversation, e.g., the
multiple "strange directions" and perpetual confusions.
> CAs have always punted liability. At one point, SSL certs came with a huge disclaimer in them in ASCII disclaiming all liability. Any CA that accepts liability is daft. I mean -- why would you do that? Every software license in the world has a liability statement in it that essentially says they don't even guarantee that the software contains either ones or zeroes. Why would certificates be any different?
Certificates are different because they make a positive claim that
speaks of reliance. Other stuff doesn't do that (e.g., software).
> I don't think it really exists, not the way it gets thrown around as a term. Liability is just a bogeyman -- don't go into the woods alone at night, because the liability will get you!
Software doesn't make a claim, so liability disclaimers probably work
fine. Certificates make a claim, so simply disclaiming the claim is
problematic. One needs a much cleverer integrated strategy in order to
neutralise the claim.