
Re: Is secure communications required?

1995-01-28 19:29:00

I vaguely thought that PCA's policies were supposed to include a
maximum interval between the issuance of CRL's so, while you might not
know the most recent one actually issued, you could always demand one
no older than this maximum and disbelieve things till you got it. This
eliminates any secure comm needs.


From:  TCJones(_at_)dockmaster(_dot_)ncsc(_dot_)mil
To:  pem-dev(_at_)tis(_dot_)com
Bob J> But if the security of the system depends in any way on the
certificate distribution mechanism, whether X.500 or something else,
then we have failed completely.  We _certainly_ should not be depending
on a secure protocol.

Rhys> While you are right that the security of certificates should not
depend on the security of the protocol, there are other issues.

This is the part of the PEM discussion where I always get lost.  I
realize that the certificates can be passed from hand-to-hand or any
other way that works, BUT, since non-repudiation is not possible unless
we are assured that no CRL is outstanding, secure communications to
ascertain that fact is required.  Bob's conclusion would apply then, no?

Peace ..Tom
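
Added example, not part of the original messages: a relying-party check in Python that applies the maximum-CRL-interval idea from the reply above, treating any CRL older than the policy interval as unusable and reporting the certificate as "unknown" until a fresh one arrives. The interval value, the `Crl` type, `check_certificate` and the sample data are assumptions made for illustration; signature verification is assumed to happen elsewhere and is passed in as a flag.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Assumption: the PCA policy fixes a maximum interval between CRL issuances.
MAX_CRL_INTERVAL = timedelta(days=30)   # constructed value, not from any real policy
CLOCK_SKEW = timedelta(minutes=5)       # tolerated clock difference (assumption)

@dataclass(frozen=True)
class Crl:
    issuer: str
    this_update: datetime        # issuance time stated inside the signed CRL
    revoked_serials: frozenset
    signature_ok: bool           # result of verifying the issuer's signature (done elsewhere)

def check_certificate(serial, issuer, crls, now):
    """Return 'revoked', 'good' or 'unknown' for a certificate.

    crls may come from any untrusted channel: each one is accepted only if
    its signature verified and its issuance time is inside the policy window.
    """
    usable = [
        c for c in crls
        if c.signature_ok
        and c.issuer == issuer
        and c.this_update <= now + CLOCK_SKEW            # not future-dated
        and now - c.this_update <= MAX_CRL_INTERVAL      # not older than policy allows
    ]
    if not usable:
        return "unknown"          # disbelieve until a fresh enough CRL arrives
    newest = max(usable, key=lambda c: c.this_update)
    return "revoked" if serial in newest.revoked_serials else "good"

# Constructed sample data.
NOW = datetime(1995, 1, 28, 19, 29)
STALE = Crl("PCA-1", NOW - timedelta(days=45), frozenset(), True)
FRESH = Crl("PCA-1", NOW - timedelta(days=3), frozenset({1001}), True)
FORGED = Crl("PCA-1", NOW - timedelta(days=1), frozenset(), False)

if __name__ == "__main__":
    # Replaying only the stale CRL yields "unknown", never a false "good".
    print(check_certificate(1001, "PCA-1", [STALE], NOW))
    print(check_certificate(1001, "PCA-1", [STALE, FORGED, FRESH], NOW))
```

A correctly signed CRL that is older than the newest one but still inside the window is accepted by this check, so the interval bounds how long a withheld revocation can go unnoticed.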
