[Smcwg-public] Certificate Suspension
Russ Housley
housley at vigilsec.com
Thu Aug 25 17:29:36 UTC 2022
Dimitris:
>> I tend to agree with Stephen. I am unaware of any S/MIME client software that would handle a certificate suspension any differently that a revocation.
>
> Which is perfectly fine and expected when a certificate is "suspended" (i.e. not to be trusted at time of verification). If a S/MIME client software wants to provide some kind of different UI message like "this certificate is currently suspended" instead of "the signing certificate is revoked" and explain what that means, IMO that would be an improvement similar to what's happening with the server TLS user agents providing different user experience depending on the revocationReason code.
This is a topic that has been discussed over and over since the mid 1990s. It never gets consensus in either direction. I predict that will be the case here too.
I worry about the following series of events leads to confused user:
- Sender sends a signed message
- The Sender's certificate gets suspended
- Recipient tries to verify the signature and is told that the Sender's certificate is revoked
- The Sender's certificate gets unsuspended
- Recipient tries to verify the signature from a save folder and is told that the signature is fine
A normal human will not understand what happened.
Russ
More information about the Smcwg-public
mailing list