IIS CRL Checking
From: Jackson Lancaster (jackson.lancaster_at_afbudsys.disa.mil)
Date: 09/05/03
- Next message: Jeff Cochran: "Re: Related but multiple IPs hammering my site; Downloading entire content"
- Previous message: Jeff Cochran: "Re: I clean it several times but she still find it. HELP!"
- Next in thread: Ohaya: "Re: IIS CRL Checking"
- Reply: Ohaya: "Re: IIS CRL Checking"
- Reply: Bernard: "Re: IIS CRL Checking"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 5 Sep 2003 13:55:16 -0500
Can anyone explain (in some detail) how IIS checks CRL's for client PKI
certs. The articles I have seen state that IIS uses the CRL CDP to verify
client certificates. Is this true that IIS will use http or ldap (live) to
verify a cert against a CRL. I have also read that IIS caches the CRL's
that it downloads. Does it cache them in memory or in the file system. And
last, if I install CRL's locally, does IIS use these CRL's to verify client
certs or does it still check against the cached or real CRL? I have tried
installing CRL's locally (on the IIS server) but when I do this the pop-up
screen to choose a client cert to use takes about 20-30 seconds longer to
pop-up than if I dont have the CRL's installed locally.
- Next message: Jeff Cochran: "Re: Related but multiple IPs hammering my site; Downloading entire content"
- Previous message: Jeff Cochran: "Re: I clean it several times but she still find it. HELP!"
- Next in thread: Ohaya: "Re: IIS CRL Checking"
- Reply: Ohaya: "Re: IIS CRL Checking"
- Reply: Bernard: "Re: IIS CRL Checking"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
