Re: Thawte Digital Certificate Revocation List Issue
From: Illinois Divorce Reform (_at_)
Date: 03/13/04
- Next message: *Vanguard*: "Re: 128 - bit encryption"
- Previous message: David: "128 - bit encryption"
- In reply to: Neb Okla: "Re: Thawte Digital Certificate Revocation List Issue"
- Next in thread: Neb Okla: "Re: Thawte Digital Certificate Revocation List Issue"
- Reply: Neb Okla: "Re: Thawte Digital Certificate Revocation List Issue"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 13 Mar 2004 14:07:06 -0600
Message 2:
OK, so here is what I have learned so far from the initial responses by
*Vanguard* and Neb Okla.
1-CRL's are on their way out due to file sizes and a better protocol,
OCSP(online certificate status protocol).
2-This protocol is better because it only checks the cert in question rather
than retrieving the entire crl list, and some other reasons such as caching
risk.
3-The certificate concept itself is here to stay, as people are using the
notaries and are using certs.
I have more questions though:
1-I am using version 6 of internet explorer. I cannot find an option to
disable crl's. Apparently its no longer an issue because they are on their
way out?
2-In the meantime, how can I add these crl lists to a 'path?' as suggested
in thawte's writeup? and would that make the message go away? The message
is not the same one that *Vanguard* found here at thawte. See the original
one..http://www.thawte.com/html/SUPPORT/email/iexplorer.html that reads as
follows:
3-what about certs with Yahoo Mail or Hotmail? Millions of people use these,
but can you send encrypted or digitally signed messages too them? I know
you can SEND TO these addresses digitally signed.
Bottom line, can I use these crl's or not??? Whats the point of even a
trusted cert if you can't check it against a crl?
As a side note, you can add more personal info to the cert for thawte. I
need to research it again but at a minimum you can add a name. I know this
because I am a notary for Thawte myself.
- application/x-pkcs7-signature attachment: smime.p7s
- Next message: *Vanguard*: "Re: 128 - bit encryption"
- Previous message: David: "128 - bit encryption"
- In reply to: Neb Okla: "Re: Thawte Digital Certificate Revocation List Issue"
- Next in thread: Neb Okla: "Re: Thawte Digital Certificate Revocation List Issue"
- Reply: Neb Okla: "Re: Thawte Digital Certificate Revocation List Issue"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
