Verisign CRL single point of failure

dave kleiman davek at
Fri Jan 9 15:26:42 EST 2004

>>I don't think you understood my question.  Why is 
>>getting overloaded *now.*  What does the expiration of one of their CA 
>>certificates have to do with it?  Once you see that a cert has expired, 
>>there's no need whatsoever to go look at the CRL.  The point of a CRL is 
>>to revoke certificates prior to their expiration.
You are correct I did miss your point in haste. 
I cannot answer that, but I can tell you that disabling the function or
uninstalling NAV that has CRL function, fixes the problem immediately.
And if you watch your firewall as the clients open a file that requests a
virus scan they all try to hit This has been happening
since the 7th when that cert expired.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list