Security Basics mailing list archives
Re: Digital Certification Revocation
From: Tracy Reed <treed () ultraviolet org>
Date: Fri, 18 Sep 2009 09:40:45 -0700
On Fri, Sep 18, 2009 at 05:36:05PM +0200, M.D.Mufambisi spake thusly:
Thanks tracy. In the event that i die, what stops someone with access to my digital certification pose as me? Does someone have to revoke MY certificate in the even of my death?
The private key should be encrypted with a password. If nobody else knows your password they cannot make new signatures and pose as you. Nor can they make a revocation certificate. If you have pre-generated the revocation certificate (which you should) you must keep it physically secure. Only the person who you would want to handle the revocation in the event of your death should have access to it. Nobody has to revoke your certificate in the event of your death. It might be nice if someone would revoke it but if signed messages start turning up after your death it should not be hard for anyone who cares (not sure who that would be, perhaps your estate or next of kin) to prove that you did not sign the messages. -- Tracy Reed http://tracyreed.org
Attachment:
_bin
Description:
Current thread:
- Digital Certification Revocation M.D.Mufambisi (Sep 17)
- Re: Digital Certification Revocation Tracy Reed (Sep 17)
- Re: Digital Certification Revocation M.D.Mufambisi (Sep 18)
- Re: Digital Certification Revocation Tracy Reed (Sep 18)
- RE: Digital Certification Revocation Peter, Matt (Sep 18)
- Re: Digital Certification Revocation M.D.Mufambisi (Sep 18)
- RE: Digital Certification Revocation David Gillett (Sep 18)
- Re: Digital Certification Revocation M.D.Mufambisi (Sep 18)
- Re: Digital Certification Revocation Tracy Reed (Sep 17)