fun with CRLs!
Perry E. Metzger
perry at piermont.com
Fri Jan 9 10:21:29 EST 2004
/. is reporting this, anyone know the real story?
Verisign Certificate Expiration Causes Multiple Problems
Posted by michael on Thursday January 08, @03:46PM
from the rot-at-the-root dept.
We had to do a little sleuthing today. Many readers wrote in with
problems that turned out to be related. A certificate which Verisign
used for signing SSL certificates has expired. When applications which
depend on that certificate try to make an SSL connection, they fail
and try to access crl.verisign.com, the certificate revocation list
server. This has effectively DOS'ed that site, and Verisign has now
updated the DNS record for that address to include several
non-routable addresses, reducing the load on their servers. Some
applications affected include older Internet Explorer browsers, Java,
and Norton Antivirus (which may manifest itself as Microsoft Word
being very slow to start). Hope this helps a few people, and if you
have other apps with problems, please post about them below.
--
Perry E. Metzger perry at piermont.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list