CDP and AIA extensions in a standalone CA cert
Hello, Consider a two tier PKI consisting of a standalone offline root CA and an enterprise policy/issuing subordinate CA. Everything I read says *not* to include any CDP or AIA extensions when generating the initial standalone root CA cert in order to prevent revocation loops. Well, how would you ever know if a subordinate CA cert of the standalone root CA got compromised? Or is this just a calculated risk to avoid the other potential issues? Or, am I missing something else altogether? Also, am I correct in believing that the CDP or AIA extensions cannot be updated on a root or subordinate cert *after* it's been generated? Any insight appreciated...
March 1st, 2011 6:53pm

You have misunderstood this requirement. You need to remove CDP/AIA extensions from the *Root CA certificate* itself. However, you still need to maintain CDP/AIA extensions on the CA server.
http://en-us.sysadmins.lv
March 2nd, 2011 1:56am

Hello, Thank you for your response. I assume you mean that I still need to maintain CDP/AIA extensions on the *enterprise issuing subordinate CA*, and yes, I understand that. So it's possible for the enterprise subCA to revoke certs, and clients would pick up on the revocation through the CDP/AIA extensions of the subCA. But if the subCA cert itself is compromised, you could revoke it at the standalone root, and even generate a CRL file. But there doesn't seem to be a mechanism for client machines/users to ever find that out. Is this really the case? Am I understanding this correctly?
March 2nd, 2011 10:57am

I just wrote a blog post for this common question: http://en-us.sysadmins.lv/Lists/Posts/Post.aspx?ID=36
http://en-us.sysadmins.lv
March 2nd, 2011 1:51pm
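The distinction the reply draws (no CDP/AIA in the root certificate, CDP/AIA still configured on the root CA server) is what answers the follow-up question: the URLs configured on the root CA server end up in the certificates the root *issues*, so the subordinate CA certificate itself carries a CDP pointing at the root's CRL, and a client validating the chain fetches that CRL from the sub CA cert's extension, not from the root cert. The following PowerShell is an added example written for this thread, not code from either poster or from the linked blog post. It assumes an offline standalone ADCS root named "Contoso Root CA", a web host http://pki.contoso.com/pki/ to which the offline root's CRL and certificate are copied by hand, and a placeholder serial number for the subordinate CA certificate; all of those names are assumptions.

```powershell
# Added example for the thread above, not the posters' own configuration.
# Assumed names: CA "Contoso Root CA", HTTP host http://pki.contoso.com/pki/,
# a local Windows install at $env:windir, and a placeholder sub CA serial number.

# 1. On the root server, before installing the CA role: CAPolicy.inf with
#    empty CDP/AIA sections. "Empty=True" is what keeps both extensions out of
#    the self-signed root certificate, so the root cert itself has nothing to
#    fetch and no revocation loop. Single-quoted here-string: no $ expansion.
$caPolicy = @'
[Version]
Signature="$Windows NT$"

[Certsrv_Server]
RenewalKeyLength=4096
RenewalValidityPeriod=Years
RenewalValidityPeriodUnits=20
CRLPeriod=Weeks
CRLPeriodUnits=26
LoadDefaultTemplates=0

[CRLDistributionPoint]
Empty=True

[AuthorityInformationAccess]
Empty=True
'@
Set-Content -Path "$env:windir\CAPolicy.inf" -Value $caPolicy -Encoding ASCII

# 2. After the role is installed and the root cert exists: configure the URLs
#    that go into certificates the root ISSUES (i.e. the sub CA cert).
#    Flag 1 = write the file to this location when publishing,
#    flag 2 = put this URL into the CDP/AIA extension of issued certificates.
#    certutil tokens: %1 server DNS name, %3 CA name, %4 renewal index,
#    %8 CRL name suffix, %9 delta-CRL marker. Entries are separated by a
#    literal "\n", which PowerShell leaves untouched inside double quotes.
$crlUrls = "1:$env:windir\System32\CertSrv\CertEnroll\%3%8%9.crl" +
           "\n2:http://pki.contoso.com/pki/%3%8%9.crl"
$aiaUrls = "1:$env:windir\System32\CertSrv\CertEnroll\%1_%3%4.crt" +
           "\n2:http://pki.contoso.com/pki/%1_%3%4.crt"

certutil -setreg CA\CRLPublicationURLs    $crlUrls
certutil -setreg CA\CACertPublicationURLs $aiaUrls
certutil -setreg CA\CRLPeriodUnits 26
certutil -setreg CA\CRLPeriod "Weeks"
Restart-Service certsvc
certutil -crl   # writes the root CRL locally; copy it to the HTTP host by hand

# 3. The compromise case from the follow-up question: revoke the sub CA cert
#    at the root (reason 1 = key compromise) and publish a new CRL. The
#    subordinate CA certificate was issued AFTER step 2, so it already carries
#    http://pki.contoso.com/pki/<root>.crl in its CDP extension.
$subCaSerial = '0123456789abcdef'   # placeholder; take the real value from certutil -view
certutil -revoke $subCaSerial 1
certutil -crl   # again: copy the fresh CRL to http://pki.contoso.com/pki/ by hand

# 4. On a client: follow the URLs embedded in the sub CA certificate.
#    -urlfetch pulls the root CRL from the sub CA cert's CDP, so after step 3
#    the output reports the sub CA certificate as revoked. Clients keep a
#    cached CRL until its NextUpdate, so clear the cache when testing.
certutil -urlcache crl delete
certutil -verify -urlfetch .\subca.cer
```

The caveat a practitioner would add: the root's CRL period (26 weeks here) bounds how long a client may keep trusting a revoked subordinate CA, because a client that already holds a valid cached root CRL will not re-fetch it until that CRL expires. Pick the period with that in mind, and remember that the offline root cannot push a new CRL to the HTTP host itself; someone has to copy it.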
