Re: Identifying revoked certificates


Are there any comments on Michael's suggestion?

Here's a sketch design:

A signature subpacket called "revocation target" that contains a 1-octet
PKalg, a 1-octet hash algorithm, and then a hash body. It denotes that a
revocation signature is intended to revoke the signature so specified.

Comments?

        Jon

<Prev in Thread]	Current Thread	[Next in Thread>
Fixing the secret keys, and a small apology, Jon Callas Re: Fixing the secret keys, and a small apology, Michael Young Identifying revoked certificates, Michael Young Re: Identifying revoked certificates, Jon Callas <= Re: Identifying revoked certificates, David Shaw Re: Identifying revoked certificates, Michael Young Re: Identifying revoked certificates, Jon Callas Re: Identifying revoked certificates, Michael Young Re: Identifying revoked certificates, Jon Callas Re: Identifying revoked certificates, Werner Koch Re: Identifying revoked certificates, Michael Young Re: Identifying revoked certificates, Werner Koch Re: Fixing the secret keys, and a small apology, Florian Weimer Re: Fixing the secret keys, and a small apology, Michael Young