[cryptography] How are expired code-signing certs revoked?

ianG iang at iang.org
Sat Dec 10 09:10:36 EST 2011


On 8/12/11 09:55 AM, Jon Callas wrote:
> On 7 Dec, 2011, at 11:34 AM, ianG wrote:
>
>> Right, but it's getting closer to the truth.  Here is the missing link.
>>
>> Revocation's purpose is one and only one thing:  to backstop the liability to the CA.
> I understand what you're saying, but I don't agree.

Sure.  One way to look at this is the pure scientific way.  Several 
theories have been proposed.  Which best explains the state of the world?

I.e., my theory explains why we're having this conversation, e.g., the 
multiple "strange directions" and perpetual confusions.

> CAs have always punted liability. At one point, SSL certs came with a huge disclaimer in them in ASCII disclaiming all liability. Any CA that accepts liability is daft. I mean -- why would you do that? Every software license in the world has a liability statement in it that essentially says they don't even guarantee that the software contains either ones or zeroes. Why would certificates be any different?

Certificates are different because they make a positive claim that 
speaks of reliance.  Other stuff doesn't do that (e.g., software).

> I don't think it really exists, not the way it gets thrown around as a term. Liability is just a bogeyman -- don't go into the woods alone at night, because the liability will get you!
>

Software doesn't make a claim, so liability disclaimers probably work 
fine.  Certificates make a claim, so simply disclaiming the claim is 
problematic.  One needs a much cleverer integrated strategy in order to 
neutralise the claim.

iang


