[18215] in cryptography@c2.net mail archive
Re: How many wrongs do you need to make a right?
daemon@ATHENA.MIT.EDU (Adam Back)
Wed Aug 17 11:05:35 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Wed, 17 Aug 2005 09:51:52 -0400
From: Adam Back <adam@cypherspace.org>
To: "Steven M. Bellovin" <smb@cs.columbia.edu>
Cc: Florian Weimer <fw@deneb.enyo.de>,
Peter Gutmann <pgut001@cs.auckland.ac.nz>, cryptography@metzdowd.com,
Adam Back <adam@cypherspace.org>
In-Reply-To: <20050817124019.0584A3BFDC5@berkshire.machshav.com>
Not to defend PKI, but what about delta-CRLs?
Maybe not available at time of the Navy deployment? But certainly
meaning that people can download just changes since last update.
Steven writes:
> [alternatives] such as simply publishing the hash of revoked
> certificates,
Well presumably you mean a Merkle hash tree or something? (A single
hash of all the revoked certs doesn't help you as you don't know which
are revoked and so have insufficient data to go into the hash function
verify if a given cert is on the list.)
Adam
On Wed, Aug 17, 2005 at 08:40:19AM -0400, Steven M. Bellovin wrote:
> In message <87br3wdal7.fsf@mid.deneb.enyo.de>, Florian Weimer writes:
>
> >
> >Can't you strip the certificates which have expired from the CRL? (I
> >know that with OpenPGP, you can't, but that's a different story.)
> >
> >OTOH, I wouldn't be concerned by the file size, although it's
> >certainly annoying. I would be really worried that the contents of
> >that CRL leaks sensitive information. At least from a privacy point
> >of view, this is a big, big problem, especially if you include some
> >indication which allows you to judge the validity of old signatures.
> >
>
> One can easily conceive of schemes that don't have such problems, such
> as simply publishing the hash of revoked certificates, or using a Bloom
> filter based on the hashes.
>
> Of course, that doesn't mean that was how it was done...
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
