pem-dev

Re: X.509 v3 support (CRLs and critical extensions)

1995-01-17 08:27:00

My initial reaction is that for a CRL entry with an unrecognized critical 
extension: if its serial number is not one we're looking for, ignore the entry
and parse the rest of the CRL; if it is, abort processing of the CRL and 
complain: the CA has made an invalid assumption about the user community.

Hmm. I'm having a hard time trying to come up with an example. My first
reaction, that any extension that was flagged as critical in the certificate
would be flagged as critical in the CRL, is probably NOT true. Even if I have
to understand a caveat field in order to understand what limitations are placed
on the use of the certificate, I don't have to understand that in order to
revoke the certificate.

I suppose that we could have a critical extension that applied to the entire
LIST of CRLs, and in addition a critical extension that applies to only one
certificate being revoked? Does the syntax support that?

I would have thought that perhaps there would only be a CRL entry critical
extension if some form of 'special handling' of the revoked certificate was
required, which would indicate that this certificate was only being used in
a particular application.  Thus there probably should have been a
complementary critical extension in the issued certificate itself, so that
a user outside of this application, unable to perform this special handling,
would never be using the certificate.

Not necessarily.  Suppose that we have an extension field which indicates the
reason for the revocation. If the reason is an innocuous one, i.e., change of
name after marriage, or change of address, then there is no reason to actually
reject a document that was signed using that certificate -- it may just be
arriving late. A slightly less innocuous reason might be that an employee has
left the company -- this isn't too important in the case of routine business
correspondence, but might be quite important in the case of a role such as a
Purchasing Agent. Any documents dated after the date of the CRL must be
rejected, and considering the difficulty of synchronizing clocks, additional
care should be taken. However, documents that were received before the CRL
should be presumed to be valid, despite the CRL. Finally, certificates that are
revoked because of an actual or suspected key compromise must be looked at in a
special light. Although the originator may still be held liable for them,
prudence requires a closer examination of the facts, and exercise of due
diligence.

It could be argued as to whether the Reason of Revocation field _should_ be
marked as critical -- we should discuss that further -- but it is clear that
there is no corresponding extension in the certificate itself. (This may not
always be the case, however.)

Having a CRL receiver ignore extensions in entries revoking certificates it 
doesn't have would then be beneficial in that a CA doesn't need to issue
multiple (simultaneous) CRLs for each flavour of critical extension.

Suppose that a certificate includes the granting of several kinds of
authorities. Would it be possible to revoke only one of those authorities,
leaving the others intact? If so, that extension should be marked critical, and
if the processing software can't handle that the entire certificate should be
rejected. A new certificate should be made available in either case, but it
might not be necessary to go get one immediately.

Bob



              ------------------------------------------------------------
      Mark Wahl; M(_dot_)Wahl(_at_)isode(_dot_)com; ISODE Consortium; 
http://www.isode.com/



--------------------------------
Robert R. Jueneman
GTE Laboratories
40 Sylvan Road
Waltham, MA 02254
FAX: 1-617-466-2603 
Voice: 1-617-466-2820
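
The per-entry rule stated at the top of this message (skip an entry with an unrecognized critical extension unless its serial number is the one being checked, in which case reject the CRL), as an added example that is not part of the original message. The data classes, the extension names and the sample serial numbers are constructed for illustration.

```python
from dataclasses import dataclass, field

# Extension names the relying party's software understands (assumed for this sketch).
KNOWN_EXTENSIONS = {"reasonCode"}

@dataclass
class Extension:
    name: str
    critical: bool

@dataclass
class CRLEntry:
    serial: int
    extensions: list = field(default_factory=list)

class CRLUnusable(Exception):
    """The CRL cannot answer the question for the certificate being checked."""

def is_revoked(entries, serial, known=KNOWN_EXTENSIONS):
    """Apply the per-entry rule; return (revoked, skipped_serials)."""
    revoked, skipped = False, []
    for entry in entries:
        unknown = [x.name for x in entry.extensions
                   if x.critical and x.name not in known]
        if unknown and entry.serial == serial:
            # The entry we care about carries semantics we cannot process.
            raise CRLUnusable(f"serial {serial}: unrecognized critical {unknown}")
        if unknown:
            skipped.append(entry.serial)   # not ours: ignore it, keep parsing
        elif entry.serial == serial:
            revoked = True
    return revoked, skipped

# Constructed sample CRL; serials and the "specialHandling" extension are made up.
SAMPLE_CRL = [
    CRLEntry(1001, [Extension("reasonCode", critical=False)]),
    CRLEntry(1002, [Extension("specialHandling", critical=True)]),
    CRLEntry(1003, [Extension("specialHandling", critical=False)]),
]

if __name__ == "__main__":
    for s in (1001, 1003, 2000, 1002):
        try:
            print(s, is_revoked(SAMPLE_CRL, s))
        except CRLUnusable as exc:
            print(s, "CRL rejected:", exc)
```

Returning the skipped serial numbers lets the caller log which entries were passed over, so a CA that marks extensions critical for a narrow community shows up in the relying party's records.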

