'RE: Digital Certification Revocation'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       security-basics
Subject:    RE: Digital Certification Revocation
From:       "David Gillett" <gillettdavid () fhda ! edu>
Date:       2009-09-18 18:56:40
Message-ID: AF9A83BB082241FCBEF7221D4EB6E47C () shadows ! fhda ! edu
[Download RAW message or body]

  SOMEBODY has to tell the world to revoke the cert.  If YOU
weren't DEAD, you could do it...

David Gillett
 

> -----Original Message-----
> From: Peter, Matt [mailto:matt.peter@capgemini.com] 
> Sent: Friday, September 18, 2009 9:43 AM
> To: M.D.Mufambisi; Tracy Reed
> Cc: pen-test@securityfocus.com; security-basics
> Subject: RE: Digital Certification Revocation
> 
> Isn't that something you would put in your will and require 
> be executed? 
> 
> If you're this paranoid you could require two unrelated 
> parties do it together.
> 
> -----Original Message-----
> From: listbounce@securityfocus.com 
> [mailto:listbounce@securityfocus.com] On Behalf Of M.D.Mufambisi
> Sent: Friday, September 18, 2009 11:36 AM
> To: Tracy Reed
> Cc: pen-test@securityfocus.com; security-basics
> Subject: Re: Digital Certification Revocation
> 
> Thanks tracy. In the event that i die, what stops someone 
> with access to my digital certification pose as me? Does 
> someone have to revoke MY certificate in the even of my death?
> 
> Regards
> 
> Munya
> 
> On 9/17/09, Tracy Reed <treed@ultraviolet.org> wrote:
> > On Wed, Sep 16, 2009 at 06:53:26PM +0200, M.D.Mufambisi 
> spake thusly:
> > > Another question from yours truly. When someone has a digital 
> > > certificate, and then passes away (dies) how does the Revocation 
> > > authority get to know about this so as to disallow further use of 
> > > that persons digital cert?
> > 
> > The authority needs to be sent a revocation request signed by the 
> > certificate being revoked. It is good practice to generate this 
> > revocation request at key generation time and keep it in a 
> safe place. 
> > This is because if the signing key is lost such that no signed 
> > revocation certificate can be generated it becomes impossible to 
> > revoke.
> > 
> > Similarly, if the private signing key is encrypted and the owner of 
> > the key takes the password to their grave it is impossible 
> to generate 
> > a revocation certificate.
> > 
> > --
> > Tracy Reed
> > http://tracyreed.org
> > 
> 
> --------------------------------------------------------------
> ----------
> Securing Apache Web Server with thawte Digital Certificate In 
> this guide we examine the importance of Apache-SSL and who 
> needs an SSL certificate.  We look at how SSL works, how it 
> benefits your company and how your customers can tell if a 
> site is secure. You will find out how to test, purchase, 
> install and use a thawte Digital Certificate on your Apache 
> web server. Throughout, best practices for set-up are 
> highlighted to help you ensure efficient ongoing management 
> of your encryption keys and digital certificates.
> 
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;
> e13b6be442f727d1
> --------------------------------------------------------------
> ----------
> 
> 
> 
> 
> 
> 
> 
> This message contains information that may be privileged or 
> confidential and is the property of the Capgemini Group. It 
> is intended only for the person to whom it is addressed. If 
> you are not the intended recipient, you are not authorized to 
> read, print, retain, copy, disseminate, distribute, or use 
> this message or any part thereof. If you receive this message 
> in error, please notify the sender immediately and delete all 
> copies of this message.
> 
> 
> --------------------------------------------------------------
> ----------
> Securing Apache Web Server with thawte Digital Certificate In 
> this guide we examine the importance of Apache-SSL and who 
> needs an SSL certificate.  We look at how SSL works, how it 
> benefits your company and how your customers can tell if a 
> site is secure. You will find out how to test, purchase, 
> install and use a thawte Digital Certificate on your Apache 
> web server. Throughout, best practices for set-up are 
> highlighted to help you ensure efficient ongoing management 
> of your encryption keys and digital certificates.
> 
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;
> e13b6be442f727d1
> --------------------------------------------------------------
> ----------
> 

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL \
certificate.  We look at how SSL works, how it benefits your company and how your \
customers can tell if a site is secure. You will find out how to test, purchase, \
install and use a thawte Digital Certificate on your Apache web server. Throughout, \
best practices for set-up are highlighted to help you ensure efficient ongoing \
management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic