Does revoking a certificate result in revocation of its key?What considerations should apply for self service Renewing, Revoking, or Unrevoking a certificate?Why isn't there a certificate revocation request standard?Why do so many browsers show sites with revoked certificates?Create revocation certificate for all user IDsWho is responsible for revoking a certificate?Decryption After Public-Private Key Pair RevocationOpenPGP SmartCard: generate revocation certificate on-card?

Why doesn't hot charcoal glow blue?

Why can a T* be passed in register, but a unique_ptr<T> cannot?

Is the phrase “You are requested” polite or rude?

Why did my relationship with my wife go down by two hearts?

What exactly is meant by "partial function" in functional programming?

Making a pikuach nefesh phone call on Yom Kippur - mitsva or something to be avoided?

How come Aboriginal Australians didn't manage to raise their civilization levels to that of other continents?

Will I be allowed to enter the US after living there illegally then legally in the past?

Rules on "Pets on shoulder"

The Immortal Jellyfish

Can Microsoft employees see my data in Azure?

What's the meaning of Electrical Inches?

Is it allowed to let the engine of an aircraft idle without a pilot in the plane. (For both helicopters and aeroplanes)

Crop Image to Circle

Can elves trance in armor without any downsides?

What plausible reasons why people forget they didn't originally live on this new planet?

Would a spacecraft carry arc welding supplies?

Should I respond to a sabotage accusation e-mail at work?

Grade changes with auto grader

Why is lambda return type not checked at compile time

Are Star Trek races uniform?

Nobel prize in literature 2018 - what is "encyclopedic passion"?

When applying for a visa has there ever been a case of embassy asking for proof of right to be in the present country?

Do any languages mark social distinctions other than gender and status?



Does revoking a certificate result in revocation of its key?


What considerations should apply for self service Renewing, Revoking, or Unrevoking a certificate?Why isn't there a certificate revocation request standard?Why do so many browsers show sites with revoked certificates?Create revocation certificate for all user IDsWho is responsible for revoking a certificate?Decryption After Public-Private Key Pair RevocationOpenPGP SmartCard: generate revocation certificate on-card?






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty
margin-bottom:0;









3

















If I request my identity certificate to be revoked for any reason other than key compromise, would the private key also be revoked in result?






cryptography certificate-revocation







share|improve this question


































    3

















    If I request my identity certificate to be revoked for any reason other than key compromise, would the private key also be revoked in result?






    cryptography certificate-revocation







    share|improve this question






























      3












      3








      3








      If I request my identity certificate to be revoked for any reason other than key compromise, would the private key also be revoked in result?






      cryptography certificate-revocation







      share|improve this question

















      If I request my identity certificate to be revoked for any reason other than key compromise, would the private key also be revoked in result?






      cryptography certificate-revocation




      cryptography certificate-revocation






      share|improve this question
















      share|improve this question













      share|improve this question




      share|improve this question








      edited May 26 at 9:21









      Glorfindel

      1,3132 gold badges10 silver badges22 bronze badges




      1,3132 gold badges10 silver badges22 bronze badges










      asked May 26 at 9:13









      JosefictuousJosefictuous

      234 bronze badges




      234 bronze badges























          1 Answer
          1






          active

          oldest

          votes


















          6


















          There is no revocation of different parts of the certificate, i.e. a certificate is either revoked in full or not revoked at all. This also means that the certificate itself is revoked and not the key of the certificate, i.e. other certificates which use the same key are not affected by the revocation. And this means that you are free to reuse the key for another certificate.






          share|improve this answer





















          • 6





            ... although practically you should use different keys for different purposes, if just because you'd have to revoke all certificates if the key does get compromised (and revocation is no panacea, e.g. revoking a certificate on enveloped data does not help if the private key has been compromised).

            – Maarten Bodewes
            May 26 at 14:24











          • @MaartenBodewes in fact, if you use the same key for encryption and signing, and I hear you have a certificate to revoke, I'm immediately putting my black hat on, scanning the CRL and then scouring the Internet for said private keys.

            – John Dvorak
            May 26 at 18:10












          Your Answer








          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "162"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: false,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          imageUploader:
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/4.0/"u003ecc by-sa 4.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          ,
          noCode: true, onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );














          draft saved

          draft discarded
















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f210810%2fdoes-revoking-a-certificate-result-in-revocation-of-its-key%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown


























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          6


















          There is no revocation of different parts of the certificate, i.e. a certificate is either revoked in full or not revoked at all. This also means that the certificate itself is revoked and not the key of the certificate, i.e. other certificates which use the same key are not affected by the revocation. And this means that you are free to reuse the key for another certificate.






          share|improve this answer





















          • 6





            ... although practically you should use different keys for different purposes, if just because you'd have to revoke all certificates if the key does get compromised (and revocation is no panacea, e.g. revoking a certificate on enveloped data does not help if the private key has been compromised).

            – Maarten Bodewes
            May 26 at 14:24











          • @MaartenBodewes in fact, if you use the same key for encryption and signing, and I hear you have a certificate to revoke, I'm immediately putting my black hat on, scanning the CRL and then scouring the Internet for said private keys.

            – John Dvorak
            May 26 at 18:10















          6


















          There is no revocation of different parts of the certificate, i.e. a certificate is either revoked in full or not revoked at all. This also means that the certificate itself is revoked and not the key of the certificate, i.e. other certificates which use the same key are not affected by the revocation. And this means that you are free to reuse the key for another certificate.






          share|improve this answer





















          • 6





            ... although practically you should use different keys for different purposes, if just because you'd have to revoke all certificates if the key does get compromised (and revocation is no panacea, e.g. revoking a certificate on enveloped data does not help if the private key has been compromised).

            – Maarten Bodewes
            May 26 at 14:24











          • @MaartenBodewes in fact, if you use the same key for encryption and signing, and I hear you have a certificate to revoke, I'm immediately putting my black hat on, scanning the CRL and then scouring the Internet for said private keys.

            – John Dvorak
            May 26 at 18:10













          6














          6










          6









          There is no revocation of different parts of the certificate, i.e. a certificate is either revoked in full or not revoked at all. This also means that the certificate itself is revoked and not the key of the certificate, i.e. other certificates which use the same key are not affected by the revocation. And this means that you are free to reuse the key for another certificate.






          share|improve this answer














          There is no revocation of different parts of the certificate, i.e. a certificate is either revoked in full or not revoked at all. This also means that the certificate itself is revoked and not the key of the certificate, i.e. other certificates which use the same key are not affected by the revocation. And this means that you are free to reuse the key for another certificate.







          share|improve this answer













          share|improve this answer




          share|improve this answer










          answered May 26 at 10:10









          Steffen UllrichSteffen Ullrich

          132k17 gold badges238 silver badges306 bronze badges




          132k17 gold badges238 silver badges306 bronze badges










          • 6





            ... although practically you should use different keys for different purposes, if just because you'd have to revoke all certificates if the key does get compromised (and revocation is no panacea, e.g. revoking a certificate on enveloped data does not help if the private key has been compromised).

            – Maarten Bodewes
            May 26 at 14:24











          • @MaartenBodewes in fact, if you use the same key for encryption and signing, and I hear you have a certificate to revoke, I'm immediately putting my black hat on, scanning the CRL and then scouring the Internet for said private keys.

            – John Dvorak
            May 26 at 18:10












          • 6





            ... although practically you should use different keys for different purposes, if just because you'd have to revoke all certificates if the key does get compromised (and revocation is no panacea, e.g. revoking a certificate on enveloped data does not help if the private key has been compromised).

            – Maarten Bodewes
            May 26 at 14:24











          • @MaartenBodewes in fact, if you use the same key for encryption and signing, and I hear you have a certificate to revoke, I'm immediately putting my black hat on, scanning the CRL and then scouring the Internet for said private keys.

            – John Dvorak
            May 26 at 18:10







          6




          6





          ... although practically you should use different keys for different purposes, if just because you'd have to revoke all certificates if the key does get compromised (and revocation is no panacea, e.g. revoking a certificate on enveloped data does not help if the private key has been compromised).

          – Maarten Bodewes
          May 26 at 14:24





          ... although practically you should use different keys for different purposes, if just because you'd have to revoke all certificates if the key does get compromised (and revocation is no panacea, e.g. revoking a certificate on enveloped data does not help if the private key has been compromised).

          – Maarten Bodewes
          May 26 at 14:24













          @MaartenBodewes in fact, if you use the same key for encryption and signing, and I hear you have a certificate to revoke, I'm immediately putting my black hat on, scanning the CRL and then scouring the Internet for said private keys.

          – John Dvorak
          May 26 at 18:10





          @MaartenBodewes in fact, if you use the same key for encryption and signing, and I hear you have a certificate to revoke, I'm immediately putting my black hat on, scanning the CRL and then scouring the Internet for said private keys.

          – John Dvorak
          May 26 at 18:10


















          draft saved

          draft discarded















































          Thanks for contributing an answer to Information Security Stack Exchange!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid


          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.

          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f210810%2fdoes-revoking-a-certificate-result-in-revocation-of-its-key%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown









          -

          Popular posts from this blog

          Tamil (spriik) Luke uk diar | Nawigatjuun

          Image
          Fering ArtiikelDrawiidisk Spriiken SölringÖömrangFeringHalunderHalifreeskMooringWiringhiirderKarhiirderGooshiirderDrawiidisk SpriikTamil NaduIndienSri Lanka (function()var node=document.getElementById("mw-dismissablenotice-anonplace");if(node)node.outerHTML="u003Cdiv class="mw-dismissable-notice"u003Eu003Cdiv class="mw-dismissable-notice-close"u003E[u003Ca tabindex="0" role="button"u003EFersteegu003C/au003E]u003C/divu003Eu003Cdiv class="mw-dismissable-notice-body"u003Eu003Cdiv id="localNotice" lang="frr" dir="ltr"u003Eu003Cdiv id="sitenotice"u003Enu003Ccenteru003Enu003Ctable class="rahmenfarbe4" style="border-style: solid; border-width: thin; width: 70%;"u003Ennu003Ctbodyu003Eu003Ctru003Enu003Ctd style="text-align:center;"u003Eu003Ca href="/wiki/Datei:Nordfriesischeflagge.svg" class="image"u003Eu003Cimg alt="Nordfriesische
          Read more

          Align equal signs while including text over equalitiesAMS align: left aligned text/math plus multicolumn alignmentMultiple alignmentsAligning equations in multiple placesNumbering and aligning an equation with multiple columnsHow to align one equation with another multline equationUsing \ in environments inside the begintabularxNumber equations and preserving alignment of equal signsHow can I align equations to the left and to the right?Double equation alignment problem within align enviromentAligned within align: Why are they right-aligned?

          Image
          Why didn't the Universal Translator speak whale? What is /dev/null and why can't I use hx on it? The work of mathematicians outside their professional environment Does the DOJ's declining to investigate the Trump-Zelensky call ruin the basis for impeachment? Are there any tricks to pushing a grand piano? Maintaining distance Does it require less energy to reach the Sun from Pluto's orbit than from Earth's orbit? Object Oriented Design: Where to place behavior that pertains to more than one type of object? Choice of solvent during thin layer chromatography How to catch creatures that can predict the next few minutes? Use floats or doubles when writing mobile games How come the Russian cognate for the Czech word "čerstvý" (fresh) means entirely the opposite thing (stale)? What are the limits on an impeached and not convicted president? How to calculate Limit of this sequence Bash-script as linux-service won't run, but executed
          Read more

          Training a classifier when some of the features are unknownWhy does Gradient Boosting regression predict negative values when there are no negative y-values in my training set?How to improve an existing (trained) classifier?What is effect when I set up some self defined predisctor variables?Why Matlab neural network classification returns decimal values on prediction dataset?Fitting and transforming text data in training, testing, and validation setsHow to quantify the performance of the classifier (multi-class SVM) using the test data?How do I control for some patients providing multiple samples in my training data?Training and Test setTraining a convolutional neural network for image denoising in MatlabShouldn't an autoencoder with #(neurons in hidden layer) = #(neurons in input layer) be “perfect”?

          Image
          Extremely casual way to make requests to very close friends Why are Gatwick's runways too close together? AsyncDictionary - Can you break thread safety? Different inverter (logic gate) symbols Y2K... in 2019? Withdrew when Jimmy met up with Heath Christian apologetics regarding the killing of innocent children during the Genesis flood How does 'AND' distribute over 'OR' (Set Theory)? Ex-contractor published company source code and secrets online how to differentiate when a child lwc component is called twice in parent component? Infeasibility in mathematical optimization models How is this kind of structure made? Plausibility of Ice Eaters in the Arctic Tikzpicture - finish drawing a curved line for a cake slice Why is transplanting a specific intact brain impossible if it is generally possible? How to create all combinations from a nested list while preserving the structure using R? What should I call bands of armed men in Medieval T
          Read more