[Smcwg-public] Certificate Suspension
Dimitris Zacharopoulos (HARICA)
dzacharo at harica.gr
Thu Aug 25 05:45:34 UTC 2022
On 25/8/2022 12:17 π.μ., Russ Housley via Smcwg-public wrote:
> I tend to agree with Stephen. I am unaware of any S/MIME client
> software that would handle a certificate suspension any differently
> that a revocation.
>
Which is perfectly fine and expected when a certificate is "suspended"
(i.e. not to be trusted at time of verification). If a S/MIME client
software wants to provide some kind of different UI message like "this
certificate is currently suspended" instead of "the signing certificate
is revoked" and explain what that means, IMO that would be an
improvement similar to what's happening with the server TLS user agents
providing different user experience depending on the revocationReason code.
More information about the Smcwg-public
mailing list