How does certificate revocation work with intermediate CA's?

后端 未结 1 1687
不思量自难忘°
不思量自难忘° 2021-02-19 14:55

Suppose a PKI hierarchy like below.

root CA ==> inter-1 CA ==> user-1
  \\
   \\======> inter-2 CA ==> user-2

My question is: does

相关标签:
1条回答
  • 2021-02-19 15:14

    No, revocation of certificate is not propagated across the CA tree. Each CA (root and intermediate in your case) is responsible of the publication of the CRL containing the list of only the revoked certificates that were issued by this CA.

    An example:

    Root CA publishes a CRL for the certificates issued by Root CA: inter-1 CA and inter-2 CA. Root CA is not aware of the user-1 and user-2 certificates or their revocation status.

    inter-1 CA (resp inter-2 CA) publishes a CRL containing the list of revoked certificates issued by inter-1 CA (resp inter-2 CA) and only these certificates.

    CRL Root CA   CRL inter-1 CA 
      ^             ^
      |             |
    root CA ==> inter-1 CA ==> user-1
      |
      |           CRL inter-2 CA 
      |             ^
      \             |
       \======> inter-2 CA ==> user-2
    

    if user-1 certificate is revoked, this certificate (actually its serial number) will only appear in the CRL published by inter-1 CA.

    When someone wants to check the validity the user-1 certificate the process is as follows:

    1. build the certificate chain between the certificate and a trusted CA: user-1 / inter-1 CA / root CA
    2. fetch the CRL for the first certificate in the list
    3. verify the signature of the CRL
    4. check the status of the first certificate in the list against this CRL
    5. if the status is not revoked, remove the certificate from the list and go to 2. otherwise fail
    6. if the list contains only the trusted CA, check the chain of signature of the certificates (a certificate must be signed by the following certificate in the list)
    7. if all signature have been checked and are valid, the user-1 certificate is valid.

    Note that validating the CRL signature can trigger a validation of another certificate chain : i.e. this algorithm can be recursive. Actually the X.509 certificate validation algorithm is (very) complex and I just summarize the principles here.

    0 讨论(0)
提交回复
热议问题