Re: Checking for certificate revocation

From: Chris Williamson (
Date: 12/07/04

Date: 7 Dec 2004 04:26:54 -0800


Our network people have just confirmed that the reply from Thawte is
being blocked by our firewall, hence the request times out, delaying
loading of the dialog containg the 3rd party component.

That still leaves me wondering. Why does the certificate need to be
checked at all?

It seems very odd that whereas the .NET runtime will quite happily load
up a component without any certificate attached from the local hard
drive (as well as native code and other such security nasties), if a
certificate is present then it must be checked before the code can be
trusted. Is this standard .NET behaviour, or something that must have
been added by the component authors?

Any insight into what is going on, or how to disable certificate
checking for the component would be appreciated.