Authentication of End Users During Certificate Revocation - Red Hat Certificate System 7.1 Administrator's Manual

Revocation
end user can also specify additional details, such as the date of revocation and
revocation reason for each certificate or for the list as a whole. For instructions on how
end users revoke their certificates, see the online help available by clicking the Help
buttons in the end-entity forms.
Agents can revoke certificates based on a range of serial numbers or based on one or
more subject name components. Upon submission of the revocation request, agents
receive a list of certificates from which they can pick the ones to be revoked. For
instructions on how agents revoke end-entity certificates, see the CS Agent's Guide.
Upon receiving the list of certificates to be revoked, the Registration Manager creates a
CMMF request and sends it to the Certificate Manager. The Certificate Manager marks the
corresponding certificate records in its internal database as revoked, and if configured to do
so, removes the revoked certificates from the publishing directory and updates the CRL in
the publishing directory.
Authentication of End Users During Certificate Revocation
When an end user submits a certificate revocation request, the first step in the revocation process is for the Certificate Manager or Registration Manager to identify and authenticate the end user, verifying that the user is attempting to revoke his or her own certificate and not a certificate belonging to someone else.
Both the Certificate Manager and the Registration Manager support two methods: SSL client authenticated revocation and challenge-password-based revocation.
SSL Client Authenticated Revocation
In the SSL client authenticated revocation method, the server expects the end user to present a certificate that has the same subject name as the certificate they want to revoke, and it uses that presented certificate for authentication. The server verifies the authenticity of a revocation request by mapping the subject name in the certificate presented for client authentication to certificates in its internal database. The server revokes a certificate only if the presented certificate maps successfully to one or more valid or expired certificates in its internal database.
After successful authentication, if the server finds only one valid or expired certificate whose subject name matches that of the certificate presented for client authentication, it revokes that certificate. If the server finds more than one valid or expired certificate with a matching subject name, it lists all of those certificates, and the user can then either select the certificate to be revoked or revoke all certificates in the list.
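The subject-name mapping described above, as an added illustration that is not code from Red Hat Certificate System: a small simulation of the server-side decision after SSL client authentication has already succeeded. The certificate store, the `CertRecord`/`CertStatus` types, the serial numbers and the subject names are all constructed for the example, and `normalize_dn` is a deliberately simplified stand-in for the X.500 matching rules a real server applies (case-insensitive attribute types and values, collapsed whitespace, no escaped commas). It shows the three outcomes the text describes (single match revoked directly, several matches listed for the user to choose from, no valid or expired match rejected) and the property that matters for safety: a user's selection is only ever honoured against the candidate list derived from their own authenticated subject, so a serial belonging to another subject cannot be revoked this way.

```python
"""Simulation of SSL client authenticated revocation (added example, not Red Hat CS code)."""
from dataclasses import dataclass
from enum import Enum


class CertStatus(Enum):
    VALID = "valid"
    EXPIRED = "expired"
    REVOKED = "revoked"


class Outcome(Enum):
    REJECTED = "rejected"   # no valid or expired certificate maps to the presented subject
    REVOKED = "revoked"     # one or more certificates were marked revoked
    CHOOSE = "choose"       # several candidates; the user must pick one or all of them


@dataclass
class CertRecord:
    """One row of the hypothetical internal certificate database."""
    serial: int
    subject: str
    status: CertStatus


def normalize_dn(dn: str) -> tuple:
    """Canonicalise a distinguished name before comparison.

    Simplified stand-in for X.500 matching rules: attribute types are
    case-insensitive, values are compared case-insensitively with whitespace
    collapsed. Assumes no escaped commas in the (constructed) sample DNs.
    """
    rdns = []
    for rdn in dn.split(","):
        attr_type, _, value = rdn.partition("=")
        rdns.append((attr_type.strip().upper(), " ".join(value.split()).lower()))
    return tuple(rdns)


def find_revocation_candidates(store, client_subject):
    """Map the authenticated subject name to valid or expired certificates.

    Certificates that are already revoked are never candidates.
    """
    wanted = normalize_dn(client_subject)
    return [
        rec for rec in store
        if rec.status in (CertStatus.VALID, CertStatus.EXPIRED)
        and normalize_dn(rec.subject) == wanted
    ]


def handle_client_auth_revocation(store, client_subject, selected_serials=None):
    """Decide what the server does after SSL client authentication succeeded.

    client_subject is the subject DN of the certificate the end user presented
    for client authentication; selected_serials is the user's pick from a
    previously returned candidate list (None on the first request).
    Returns (Outcome, list of affected serial numbers).
    """
    candidates = find_revocation_candidates(store, client_subject)
    if not candidates:
        return Outcome.REJECTED, []
    if len(candidates) > 1 and selected_serials is None:
        # More than one match: list them and let the user choose
        return Outcome.CHOOSE, [rec.serial for rec in candidates]
    if selected_serials is None:
        chosen = candidates  # exactly one match: revoke it directly
    else:
        # A selection may only name certificates from the candidate list, so a
        # serial belonging to another subject is silently dropped here
        chosen = [rec for rec in candidates if rec.serial in selected_serials]
    if not chosen:
        return Outcome.REJECTED, []
    for rec in chosen:
        rec.status = CertStatus.REVOKED
    return Outcome.REVOKED, [rec.serial for rec in chosen]


def sample_store():
    """Constructed sample database; serials and names are made up."""
    return [
        CertRecord(1001, "CN=Alice Example,OU=Eng,O=Example Corp", CertStatus.VALID),
        CertRecord(1002, "cn=alice example, ou=eng, o=example corp", CertStatus.EXPIRED),
        CertRecord(1003, "CN=Bob Example,OU=Eng,O=Example Corp", CertStatus.VALID),
        CertRecord(1004, "CN=Bob Example,OU=Eng,O=Example Corp", CertStatus.REVOKED),
        CertRecord(1005, "CN=Carol Example,OU=Ops,O=Example Corp", CertStatus.REVOKED),
    ]


if __name__ == "__main__":
    db = sample_store()
    alice = "CN=Alice Example,OU=Eng,O=Example Corp"
    print(handle_client_auth_revocation(db, alice))           # CHOOSE, [1001, 1002]
    print(handle_client_auth_revocation(db, alice, [1002]))   # REVOKED, [1002]
    print(handle_client_auth_revocation(db, "CN=Bob Example,OU=Eng,O=Example Corp"))  # REVOKED, [1003]
    print(handle_client_auth_revocation(db, "CN=Mallory,O=Somewhere Else"))           # REJECTED, []
```

Note that the expired certificate (serial 1002) is a legitimate candidate, matching the text's "valid or expired" rule, while Bob's already-revoked certificate (1004) is excluded, so his request resolves to the single remaining certificate and is revoked immediately. When reviewing a real deployment, the two points worth checking are that the subject-name comparison uses proper DN matching rules rather than a byte-for-byte string compare, and that the second-step selection is validated against the server's own candidate list rather than trusted from the form.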
Red Hat Certificate System Administrator's Guide • September 2005