[tor-dev] proposal 240: Early signing key revocation for directory authorities.

Ian Goldberg iang at cs.uwaterloo.ca
Sun Jan 11 11:33:25 UTC 2015


On Sat, Jan 10, 2015 at 03:46:32PM -0500, Nick Mathewson wrote:
> 5. Circular revocation
> 
>    My first attempt at writing a proposal here included a lengthy
>    section about how to handle cases where certificate A revokes the key
>    of certificate B, and certificate B revokes the key of certificate A.
> 
>    Instead, I am inclined to say that this is a MUST NOT.

You still have to tell clients what to do if they see that situation.

A little while back, agl and I were discussing X.509 revocation, and we
came to the tentative conclusion that by allowing for the recovation of
certificates that revoke other certificates, and multiple signatures on
certificates, determining whether a certificate was valid could actually
be formally incomputable in general.


More information about the tor-dev mailing list