Re: PKI and Relying Parties
From: Citizen Fish (fishy@Date: 03/28/02
- Next message: Andrew McCall: "Re: Permission denied (publickey) Problem."
- Previous message: espresso: "Diable ssh1 (OpenSSH)"
- In reply to: Harold Hammond: "Re: PKI and Relying Parties"
- Next in thread: john.veldhuis@universal.nl: "Re: PKI and Relying Parties"
- Next in thread: Citizen Fish: "Re: PKI and Relying Parties"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Citizen Fish <fishy@<tut tut>answer.me.uk> Date: Thu, 28 Mar 2002 15:21:06 +0000
Harold Hammond coughed up the following:
> This isn't about access control or about the reliability of a PKI. The
> simple question is how can one get access to up-to-date CRLs without
> becoming a CA.
>
> I want to be able to check Certificate Revocation Lists for digital
> certificates
> being presented at my website. I do not want to be a CA. I do not want
> anyone to be a CA on my behalf.
>
> Any ideas?
> -Harold
..and the answer is simple....all good CA's publish them. You access them
via either LDAP, or HTTP retrieval and process them yourself (PKCS#7) or
you use OCSP
CF
-- Come inside boy - they call this fun!,..........
- Next message: Andrew McCall: "Re: Permission denied (publickey) Problem."
- Previous message: espresso: "Diable ssh1 (OpenSSH)"
- In reply to: Harold Hammond: "Re: PKI and Relying Parties"
- Next in thread: john.veldhuis@universal.nl: "Re: PKI and Relying Parties"
- Next in thread: Citizen Fish: "Re: PKI and Relying Parties"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
