How do I revoke a certificate already issued? Is it any script available on Blockcert issuer code on GitHub? Is it possible to do it?
How the revocation List updated? Is it updated automatically while issue certificate and if it fails issue?
How do I verify a batch of certificates with 1 certificate revoked? How to know a particular certificate is revoked when verify a certificate?
In your issuer profile, you add a revocationList property which points to a URL that has a list of revoked certificates. You can also have that URL specified in the certificate as well. Check out https://github.com/blockchain-certificates/cert-verifier-js/blob/5cbe2ed0105cc18296ff4160747820881ef599c8/docs/verification-process.md#issuer-revocation-information for more info.
I hope that answers your various questions all at once. It’s up to issuers to maintain their revocationList url with individual certificates that they wish to revoke. Does not matter what batch they are in.
Though looks like there’s a bug right now that if the revocation url is not specified in the certificate, then the issuer profile revocation url is not checked either. Opened a bug on it here: https://github.com/blockchain-certificates/cert-verifier-js/issues/308
Thank you @aronning! I have tried following to verify revoke status. Here, shall we need to pass certificate id, and check this certificate Id exist on revocationURL JSON manually? If exists, send revocation status as True otherwise send as revocation false(valid certificate)?
So Revoke in BlockCert engine does not change anything (or) issue another record on BlockChain. It is upto issuers to maintain their revoked certificates list and return the revoke status? Am I right, please correct if I am wrong in Revoke.
#import ipfsapi
#import json
#replace this part with ethereum connection :)
cert_id = "urn:uuid:93019408-acd8-4420-be5e-0400d643954a1"
#cert_test_rules_ipfs = "QmRpf56gT995wnmBwQsbiCAKRFZhHVpdcBkkAdQWjPUGze"
#cert_test_proofs_ipfs = "QmTDLmKYLRxEw6Hjb8swSi1xDZvQs6R9jPb5isyZKPuXBX"
#api = ipfsapi.connect('127.0.0.1', 5001)
#def getJSONfromIPFS(ipfscat):
# res = api.cat(ipfscat)
# resjson = res.decode('utf8').replace("'", '"')
# return json.loads(resjson)
#rulesFile = getJSONfromIPFS(cert_test_rules_ipfs)
#proofsFile = getJSONfromIPFS(cert_test_proofs_ipfs)
rulesFile = {'revocation_rules':['issuer_key','receiver_key']}
proofsFile = {'proofs':['issuer_revoke','receiver_revoke']}
def mockGetPublicKeyFromSignature(proof):
if "issuer_revoke" == proof:
return "issuer_key"
if "receiver_revoke" == proof:
return "receiver_key"
def getPublicKeyFromSignature(proof):
return mockGetPublicKeyFromSignature(proof)
def verifyRevocationStatus(rulesFile, proofsFile):
revocationStatus = True
for proof in proofsFile["proofs"]:
if getPublicKeyFromSignature(proof) not in rulesFile["revocation_rules"]:
revocationStatus = False
return revocationStatus
print(verifyRevocationStatus(rulesFile,proofsFile))Are you talking about from this repo? https://github.com/blockchain-certificates/revocation
That’s not in use: " This is a proposal for an architecture of Blockcerts’ certificate revocation using Ethereum smart-contracts and it follows the “Hypercerts Thesis Proposal”."