Does revoking a certificate result in revocation of its key?What considerations should apply for self service Renewing, Revoking, or Unrevoking a certificate?Why isn't there a certificate revocation request standard?Why do so many browsers show sites with revoked certificates?Create revocation certificate for all user IDsWho is responsible for revoking a certificate?Decryption After Public-Private Key Pair RevocationOpenPGP SmartCard: generate revocation certificate on-card?

Why doesn't hot charcoal glow blue?

Why can a T* be passed in register, but a unique_ptr<T> cannot?

Is the phrase “You are requested” polite or rude?

Why did my relationship with my wife go down by two hearts?

What exactly is meant by "partial function" in functional programming?

Making a pikuach nefesh phone call on Yom Kippur - mitsva or something to be avoided?

How come Aboriginal Australians didn't manage to raise their civilization levels to that of other continents?

Will I be allowed to enter the US after living there illegally then legally in the past?

Rules on "Pets on shoulder"

The Immortal Jellyfish

Can Microsoft employees see my data in Azure?

What's the meaning of Electrical Inches?

Is it allowed to let the engine of an aircraft idle without a pilot in the plane. (For both helicopters and aeroplanes)

Crop Image to Circle

Can elves trance in armor without any downsides?

What plausible reasons why people forget they didn't originally live on this new planet?

Would a spacecraft carry arc welding supplies?

Should I respond to a sabotage accusation e-mail at work?

Grade changes with auto grader

Why is lambda return type not checked at compile time

Are Star Trek races uniform?

Nobel prize in literature 2018 - what is "encyclopedic passion"?

When applying for a visa has there ever been a case of embassy asking for proof of right to be in the present country?

Do any languages mark social distinctions other than gender and status?



Does revoking a certificate result in revocation of its key?


What considerations should apply for self service Renewing, Revoking, or Unrevoking a certificate?Why isn't there a certificate revocation request standard?Why do so many browsers show sites with revoked certificates?Create revocation certificate for all user IDsWho is responsible for revoking a certificate?Decryption After Public-Private Key Pair RevocationOpenPGP SmartCard: generate revocation certificate on-card?






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty
margin-bottom:0;









3

















If I request my identity certificate to be revoked for any reason other than key compromise, would the private key also be revoked in result?






cryptography certificate-revocation







share|improve this question


































    3

















    If I request my identity certificate to be revoked for any reason other than key compromise, would the private key also be revoked in result?






    cryptography certificate-revocation







    share|improve this question






























      3












      3








      3








      If I request my identity certificate to be revoked for any reason other than key compromise, would the private key also be revoked in result?






      cryptography certificate-revocation







      share|improve this question

















      If I request my identity certificate to be revoked for any reason other than key compromise, would the private key also be revoked in result?






      cryptography certificate-revocation




      cryptography certificate-revocation






      share|improve this question
















      share|improve this question













      share|improve this question




      share|improve this question








      edited May 26 at 9:21









      Glorfindel

      1,3132 gold badges10 silver badges22 bronze badges




      1,3132 gold badges10 silver badges22 bronze badges










      asked May 26 at 9:13









      JosefictuousJosefictuous

      234 bronze badges




      234 bronze badges























          1 Answer
          1






          active

          oldest

          votes


















          6


















          There is no revocation of different parts of the certificate, i.e. a certificate is either revoked in full or not revoked at all. This also means that the certificate itself is revoked and not the key of the certificate, i.e. other certificates which use the same key are not affected by the revocation. And this means that you are free to reuse the key for another certificate.






          share|improve this answer





















          • 6





            ... although practically you should use different keys for different purposes, if just because you'd have to revoke all certificates if the key does get compromised (and revocation is no panacea, e.g. revoking a certificate on enveloped data does not help if the private key has been compromised).

            – Maarten Bodewes
            May 26 at 14:24











          • @MaartenBodewes in fact, if you use the same key for encryption and signing, and I hear you have a certificate to revoke, I'm immediately putting my black hat on, scanning the CRL and then scouring the Internet for said private keys.

            – John Dvorak
            May 26 at 18:10












          Your Answer








          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "162"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: false,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          imageUploader:
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/4.0/"u003ecc by-sa 4.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          ,
          noCode: true, onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );














          draft saved

          draft discarded
















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f210810%2fdoes-revoking-a-certificate-result-in-revocation-of-its-key%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown


























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          6


















          There is no revocation of different parts of the certificate, i.e. a certificate is either revoked in full or not revoked at all. This also means that the certificate itself is revoked and not the key of the certificate, i.e. other certificates which use the same key are not affected by the revocation. And this means that you are free to reuse the key for another certificate.






          share|improve this answer





















          • 6





            ... although practically you should use different keys for different purposes, if just because you'd have to revoke all certificates if the key does get compromised (and revocation is no panacea, e.g. revoking a certificate on enveloped data does not help if the private key has been compromised).

            – Maarten Bodewes
            May 26 at 14:24











          • @MaartenBodewes in fact, if you use the same key for encryption and signing, and I hear you have a certificate to revoke, I'm immediately putting my black hat on, scanning the CRL and then scouring the Internet for said private keys.

            – John Dvorak
            May 26 at 18:10















          6


















          There is no revocation of different parts of the certificate, i.e. a certificate is either revoked in full or not revoked at all. This also means that the certificate itself is revoked and not the key of the certificate, i.e. other certificates which use the same key are not affected by the revocation. And this means that you are free to reuse the key for another certificate.






          share|improve this answer





















          • 6





            ... although practically you should use different keys for different purposes, if just because you'd have to revoke all certificates if the key does get compromised (and revocation is no panacea, e.g. revoking a certificate on enveloped data does not help if the private key has been compromised).

            – Maarten Bodewes
            May 26 at 14:24











          • @MaartenBodewes in fact, if you use the same key for encryption and signing, and I hear you have a certificate to revoke, I'm immediately putting my black hat on, scanning the CRL and then scouring the Internet for said private keys.

            – John Dvorak
            May 26 at 18:10













          6














          6










          6









          There is no revocation of different parts of the certificate, i.e. a certificate is either revoked in full or not revoked at all. This also means that the certificate itself is revoked and not the key of the certificate, i.e. other certificates which use the same key are not affected by the revocation. And this means that you are free to reuse the key for another certificate.






          share|improve this answer














          There is no revocation of different parts of the certificate, i.e. a certificate is either revoked in full or not revoked at all. This also means that the certificate itself is revoked and not the key of the certificate, i.e. other certificates which use the same key are not affected by the revocation. And this means that you are free to reuse the key for another certificate.







          share|improve this answer













          share|improve this answer




          share|improve this answer










          answered May 26 at 10:10









          Steffen UllrichSteffen Ullrich

          132k17 gold badges238 silver badges306 bronze badges




          132k17 gold badges238 silver badges306 bronze badges










          • 6





            ... although practically you should use different keys for different purposes, if just because you'd have to revoke all certificates if the key does get compromised (and revocation is no panacea, e.g. revoking a certificate on enveloped data does not help if the private key has been compromised).

            – Maarten Bodewes
            May 26 at 14:24











          • @MaartenBodewes in fact, if you use the same key for encryption and signing, and I hear you have a certificate to revoke, I'm immediately putting my black hat on, scanning the CRL and then scouring the Internet for said private keys.

            – John Dvorak
            May 26 at 18:10












          • 6





            ... although practically you should use different keys for different purposes, if just because you'd have to revoke all certificates if the key does get compromised (and revocation is no panacea, e.g. revoking a certificate on enveloped data does not help if the private key has been compromised).

            – Maarten Bodewes
            May 26 at 14:24











          • @MaartenBodewes in fact, if you use the same key for encryption and signing, and I hear you have a certificate to revoke, I'm immediately putting my black hat on, scanning the CRL and then scouring the Internet for said private keys.

            – John Dvorak
            May 26 at 18:10







          6




          6





          ... although practically you should use different keys for different purposes, if just because you'd have to revoke all certificates if the key does get compromised (and revocation is no panacea, e.g. revoking a certificate on enveloped data does not help if the private key has been compromised).

          – Maarten Bodewes
          May 26 at 14:24





          ... although practically you should use different keys for different purposes, if just because you'd have to revoke all certificates if the key does get compromised (and revocation is no panacea, e.g. revoking a certificate on enveloped data does not help if the private key has been compromised).

          – Maarten Bodewes
          May 26 at 14:24













          @MaartenBodewes in fact, if you use the same key for encryption and signing, and I hear you have a certificate to revoke, I'm immediately putting my black hat on, scanning the CRL and then scouring the Internet for said private keys.

          – John Dvorak
          May 26 at 18:10





          @MaartenBodewes in fact, if you use the same key for encryption and signing, and I hear you have a certificate to revoke, I'm immediately putting my black hat on, scanning the CRL and then scouring the Internet for said private keys.

          – John Dvorak
          May 26 at 18:10


















          draft saved

          draft discarded















































          Thanks for contributing an answer to Information Security Stack Exchange!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid


          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.

          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f210810%2fdoes-revoking-a-certificate-result-in-revocation-of-its-key%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown









          -

          Popular posts from this blog

          Tamil (spriik) Luke uk diar | Nawigatjuun

          Image
          Fering ArtiikelDrawiidisk Spriiken SölringÖömrangFeringHalunderHalifreeskMooringWiringhiirderKarhiirderGooshiirderDrawiidisk SpriikTamil NaduIndienSri Lanka (function()var node=document.getElementById("mw-dismissablenotice-anonplace");if(node)node.outerHTML="u003Cdiv class="mw-dismissable-notice"u003Eu003Cdiv class="mw-dismissable-notice-close"u003E[u003Ca tabindex="0" role="button"u003EFersteegu003C/au003E]u003C/divu003Eu003Cdiv class="mw-dismissable-notice-body"u003Eu003Cdiv id="localNotice" lang="frr" dir="ltr"u003Eu003Cdiv id="sitenotice"u003Enu003Ccenteru003Enu003Ctable class="rahmenfarbe4" style="border-style: solid; border-width: thin; width: 70%;"u003Ennu003Ctbodyu003Eu003Ctru003Enu003Ctd style="text-align:center;"u003Eu003Ca href="/wiki/Datei:Nordfriesischeflagge.svg" class="image"u003Eu003Cimg alt="Nordfriesische
          Read more

          Align equal signs while including text over equalitiesAMS align: left aligned text/math plus multicolumn alignmentMultiple alignmentsAligning equations in multiple placesNumbering and aligning an equation with multiple columnsHow to align one equation with another multline equationUsing \ in environments inside the begintabularxNumber equations and preserving alignment of equal signsHow can I align equations to the left and to the right?Double equation alignment problem within align enviromentAligned within align: Why are they right-aligned?

          Image
          Why didn't the Universal Translator speak whale? What is /dev/null and why can't I use hx on it? The work of mathematicians outside their professional environment Does the DOJ's declining to investigate the Trump-Zelensky call ruin the basis for impeachment? Are there any tricks to pushing a grand piano? Maintaining distance Does it require less energy to reach the Sun from Pluto's orbit than from Earth's orbit? Object Oriented Design: Where to place behavior that pertains to more than one type of object? Choice of solvent during thin layer chromatography How to catch creatures that can predict the next few minutes? Use floats or doubles when writing mobile games How come the Russian cognate for the Czech word "čerstvý" (fresh) means entirely the opposite thing (stale)? What are the limits on an impeached and not convicted president? How to calculate Limit of this sequence Bash-script as linux-service won't run, but executed
          Read more

          Where does the image of a data connector as a sharp metal spike originate from?Where does the concept of infected people turning into zombies only after death originate from?Where does the motif of a reanimated human head originate?Where did the notion that Dragons could speak originate?Where does the archetypal image of the 'Grey' alien come from?Where did the suffix '-Man' originate?Where does the notion of being injured or killed by an illusion originate?Where did the term “sophont” originate?Where does the trope of magic spells being driven by advanced technology originate from?Where did the term “the living impaired” originate?

          Image
          Automatically extend a Python list to N elements if it's too short? Fired for a policy I didnt know about, as well as another false reason Why isn't tilde recognised as home folder in this case? When does an Artillerist's Cannon have disadvantage? How large should a hole be for a bolt to go through? When is TeX better than LaTeX? How to determine if drill is suitable for concrete? Huygens Lander: Why The Short Battery Life? Why do people use bigger cassettes for lower gearing when they could instead use smaller chainrings? Is there a difference between downloading / installing a list of packages and downloading each packge by its own? Question about exercise 21.10 in The TeXbook How to publish a page using tridion core service client in sdl web 8.5 Can one get into trouble if one doesn't show up at the gate 30 minutes before departure (or whatever time window the boarding pass is indicating)? Does an action-reaction pair always contain the same
          Read more