Anish,
You responded to Bob's "Pros and Cons" message and I thought a
few observations to your response would be helpful. The real
burden for operating a simple CRL responder involves robust
availability. However, some of the proposals put forth call for
the CA to issue a CRL that carries a current timestamp, which is
different from just operating a responder, i.e., it introduces new
requirements for availability of CA keying material, and these
requirements have adverse security implications.
The problem of mapping a CA DN into a mailbox name for access to a
CRL responder is not fully addressed by establishing a well known
mailbox name. There must be a means of making the initial
determination of host name, e.g., that [C=US, S= Massachusetts, O=
Bolt Beranek and Newman] should map to "bbn.com" for example. In
general there is no analytic way to perform this mapping, although
table-based solutions have been proposed.
The problem with pushing CRLs is that it's hard (impossible?) to
know to whom to push them. That's why the PEM model, even though
it supports pushing CRLs, envisions this as something that would
be used primarily by CAs for local distribution.
As for time stamping, I don't know that CAs should provide this
function for message text, because one really wants a neutral,
trusted third-party to offer this facility. Time stamping a CRL
with the time at which it was sent is a different function, but it
alters the semantics of CRL use and one should fully understand
the implications of this before seriously pursuing this approach.
As I noted in my response to Bob, his model fails to account for
CA certificate revocation and thus is not complete. Making it
complete moves us into a system that requires real-time
availability for all CAs, PCAs, and the IPRA, which is counter to
an email, staged delivery system model. Maybe this is more
appropriate for a POS system model with a different certification
model.
Steve