Date: Fri, 26 Sep 97 15:32:34 +0100
Message-Id: <11021.1629093009@x400.icl.co.uk>
From: "NC Battle" <nick.battle@x400.icl.co.uk>
To: java-security@web2.javasoft.com
Subject: Revoking bad certificates?
I haven't seen any discussion about what happens if the
certificate used to sign an applet is revoked by the CA?
For example, if an applet writer's private key is stolen by some
means (accidental or malicious) and the writer wants to revoke his
certificate to prevent people believing the thief's applets are
his, how is that "revocation event" circulated to all the applet
users (and who is responsible for its circulation)?
Thanks,
-nick