fun with CRLs!

Perry E. Metzger perry at piermont.com
Fri Jan 9 10:21:29 EST 2004


/. is reporting this, anyone know the real story?

  Verisign Certificate Expiration Causes Multiple Problems

  Posted by michael on Thursday January 08, @03:46PM
  from the rot-at-the-root dept.
  We had to do a little sleuthing today. Many readers wrote in with
  problems that turned out to be related. A certificate which Verisign
  used for signing SSL certificates has expired. When applications which
  depend on that certificate try to make an SSL connection, they fail
  and try to access crl.verisign.com, the certificate revocation list
  server. This has effectively DOS'ed that site, and Verisign has now
  updated the DNS record for that address to include several
  non-routable addresses, reducing the load on their servers. Some
  applications affected include older Internet Explorer browsers, Java,
  and Norton Antivirus (which may manifest itself as Microsoft Word
  being very slow to start). Hope this helps a few people, and if you
  have other apps with problems, please post about them below.

-- 
Perry E. Metzger		perry at piermont.com

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list