Verisign CRL single point of failure
Rich Salz
rsalz at datapower.com
Fri Jan 9 14:06:38 EST 2004
dave kleiman wrote:
> Because the client has a Certificate Revocation Checking function turned on
> in a particular app (i.e. IE or NAV).
I don't think you understood my question. Why is crl.verisign.com
getting overloaded *now.* What does the expiration of one of their CA
certificates have to do with it? Once you see that a cert has expired,
there's no need whatsoever to go look at the CRL. The point of a CRL is
to revoke certificates prior to their expiration.
/r$
--
Rich Salz, Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list