undefined | Better HN

0 pointsleftbehind1y ago0 comments

> Looking at digicert[1], if a revocation request is submitted, the owner must approve it. What happens if I just don't approve it?

So in this case, this is the happy-case where you as the owner wish to simply realize the cancellation a cert that you are no longer using.

A different workflow applies, such that you have the private key you instead send a POST to 'https://problemreport.digicert.com/api/keys/compromised' with the private key in the JSON body and it will be queued. It is mandatory Baseline Requirements wise to cancel the certificate within 24 hours in the compromised case - usually instant if the pk matches cert - with the expectation that of course the owner will not go this route.

0 comments

JakaJancar1y ago

Makes sense, thanks!

j / k navigate · click thread line to collapse

0 pointsleftbehind1y ago0 comments

> Looking at digicert[1], if a revocation request is submitted, the owner must approve it. What happens if I just don't approve it?

So in this case, this is the happy-case where you as the owner wish to simply realize the cancellation a cert that you are no longer using.