[144408] in cryptography@c2.net mail archive
Re: Has any public CA ever had their certificate revoked?
daemon@ATHENA.MIT.EDU (dan@geer.org)
Mon May 4 17:55:58 2009
From: dan@geer.org
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
cc: cryptography@metzdowd.com
In-Reply-To: Your message of "Sun, 03 May 2009 01:07:45 +1200."
<E1M0EwT-00007W-KF@wintermute01.cs.auckland.ac.nz>
Date: Sun, 03 May 2009 16:57:59 -0400
No, but a few years ago I looked at all the certs in IE
and Netscape and found that about 30% of them were from
companies that were at that time no longer in existence.
The expiries on those where-are-they-now certs were often
as not three decades into the future.
N.B., if you are willing to take "no longer baked into
the browser" as effectively revocation, there is a
retrospective clerical job that might be a fun project
if you had some graduate student labor to assign.
--dan
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
