[Top] [All Lists]

Re: Certification revocation -- identifying the revoked certificate

2001-08-29 00:36:34
On 2001-08-28 17:54:05 -0400, Michael Young wrote:

I'm really not out to be pedantic here. I think it really is important to have clear rules for revocation. If multiple certifications for a key or key/name are to be allowed, or are the *recommended* way to update preferences/qualities, then it is essential that a revocation be able to target the proper one.

Of course, the trivial solution would be to assign a unique serial number to each certificate, and to include that serial number with the revocation.

Thomas Roessler              

Attachment: pgpghtuNw60Oa.pgp
Description: PGP signature