[TriLUG] "TBA" Course Curriculum and Other Matters

James Olin Oden james.oden at gmail.com
Tue Dec 9 14:13:10 EST 2008


On Tue, Dec 9, 2008 at 1:55 PM, Neil L. Little <nllittle at embarqmail.com> wrote:
> Looking at the "dark-side", what does one do when an 'evil-doer' slips
> into your Web of Trust?
> What are the security aspects for dealing with such an invasion? This is
> an eventuality that is certain to happen at some point.
>
You have to revoke their certificate.  This is discussed in "Network
Security with OpenSSL" (yet another O'Reilly book).
I am no expert here, but apparently there is something called a CRL
(Certificate Revocation List?) that CAs publish.  I don't know much
more than that, though it's one of the things I have to figure out
soonishly.

> Sorry to slip such dark thoughts in at this time of year.
No, it's a good thought, as many, when planning how they will deal
with their org's certs, don't go as far as certificate revocation.
It's kind of like having a disaster recovery plan; it's necessary.

...james
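
The revocation step mentioned in the reply above, as an added example that is not part of the original message or of the book it cites: a throwaway X.509 CA issues a certificate, revokes it, republishes its CRL, and the verifier rejects the certificate only when it actually checks that CRL. The CA config, file names and subjects are constructed for the demo, and it assumes the `openssl` command-line tool is installed.

```shell
#!/bin/sh
# Constructed demo: throwaway CA in a temp dir; every name below is made up.
crl_demo() {
  d=$(mktemp -d) || return 1
  (
    cd "$d" || exit 1
    mkdir newcerts; : > index.txt; echo 01 > serial; echo 01 > crlnumber
    cat > ca.cnf <<'EOF'
[ req ]
distinguished_name = dn
x509_extensions = v3_ca
[ dn ]
CN = Common Name
[ v3_ca ]
basicConstraints = critical,CA:TRUE
[ ca ]
default_ca = demo_ca
[ demo_ca ]
database = index.txt
new_certs_dir = newcerts
serial = serial
crlnumber = crlnumber
certificate = ca.pem
private_key = ca.key
default_md = sha256
default_days = 30
default_crl_days = 7
unique_subject = no
policy = policy_any
[ policy_any ]
commonName = supplied
EOF
    # Relying party's check: extra verify options are passed in by the caller.
    check() { openssl verify "$@" -CAfile ca.pem user.pem >/dev/null 2>&1 && echo valid || echo rejected; }
    # 1. The CA is created and signs one member's certificate.
    openssl req -x509 -config ca.cnf -newkey rsa:2048 -nodes -keyout ca.key -out ca.pem -subj "/CN=Demo CA" -days 30 >/dev/null 2>&1
    openssl req -config ca.cnf -newkey rsa:2048 -nodes -keyout user.key -out user.csr -subj "/CN=member" >/dev/null 2>&1
    openssl ca -batch -config ca.cnf -in user.csr -out user.pem >/dev/null 2>&1
    # 2. The CA publishes a CRL with nothing revoked yet.
    openssl ca -config ca.cnf -gencrl -out crl.pem >/dev/null 2>&1
    before=$(check -crl_check -CRLfile crl.pem)
    # 3. The member turns out to be untrustworthy: revoke, then republish the CRL.
    openssl ca -config ca.cnf -revoke user.pem -crl_reason keyCompromise >/dev/null 2>&1
    openssl ca -config ca.cnf -gencrl -out crl.pem >/dev/null 2>&1
    after=$(check -crl_check -CRLfile crl.pem)
    # 4. A verifier that never consults the CRL still accepts the revoked cert.
    unchecked=$(check)
    echo "$before $after $unchecked"
  )
  rm -rf "$d"
}
```

Revocation only takes effect for relying parties that fetch the current CRL and verify with `-crl_check`; the last result shows what happens when they do not.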


