Re: Cert processing in IE5.5

From: David Cross [MS] (dcross_at_online.microsoft.com)
Date: 04/28/03


Date: Mon, 28 Apr 2003 05:29:06 -0700


By default IE 5.5 does not do any revocation check unless it is turned on -
same as all other versions of IE prior to Windows Server 2003. This article
will explain how the Windows platform does chain building and revocation
checks regardless of the version of IE:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/WinXPPro/support/tshtcrl.asp

-- 
David B. Cross [MS]
--
This posting is provided "AS IS" with no warranties, and confers no rights.
http://support.microsoft.com
"Ian Wade" <ian.wade@netro.co.uk> wrote in message
news:$GSWH3BcUOr+Ew$V@netro.co.uk...
> I need to find out exactly what IE5.5 does when checking an X.509 cert
> received from a server (e.g. date validity checks, CRL checking,
> signature checking etc). I understand X.509 and the inner workings of
> SSL, and I know what a client *should* do in checking a cert, but I
> don't know what IE5.5 actually *does* do.
>
> Also, I need explanations of exactly what the IE5.5 "Advanced Security"
> buttons do (under Tools>Internet Options>Advanced).
>
> Can someone point me to useful site(s).
>
> Thanks
>
> Ian
>


Relevant Pages

  • Re: certificate revocation doesnt work
    ... Also we did get the certificate installed and working using OWA. ... I do understand that using OWA and ISA2000 revocation checking doesn't work. ... >> Why isn't this kept in AD so when a user loogs in the cert is marked as ... >>> send the signed mail, not the user who is going to receive the mail. ...
    (microsoft.public.win2000.security)
  • Re: Error issuing certificates from WS03 cert svc
    ... Your problem was the removal of the revoked certificates. ... The revocation function was unable to ... The request was for <here comes specific cert subject info>. ... All certs are likewise published on the web server ...
    (microsoft.public.windows.server.security)
  • Re: certificate revocation doesnt work
    ... Outlook XP does check revocation by default. ... I tried this in my test lab and even afdter the user's certificate ... >> I am not saying that the cert is not revoked and no longer invalid - I ...
    (microsoft.public.win2000.security)
  • Re: 291 time
    ... Birol you should read your MCP agreement... ... MCSE+Messaging on Windows Server 2003 ... I will try the 291 cert soon, and i would like to know how many time did U ...
    (microsoft.public.cert.exam.mcsa)
  • Re: certificate revocation doesnt work
    ... One interesting note, I am not using Key manager from Exchange 2000, should ... > easy one - Outlook 2000 does not check revocation by default. ... >> Why isn't this kept in AD so when a user loogs in the cert is marked as ...
    (microsoft.public.win2000.security)