Re: Issuing Enterprise Subordinate CA - Why not a DC?
From: Paul Adare (padare_at_newsguy.com)
Date: Thu, 3 Mar 2005 13:18:39 -0500
In article <firstname.lastname@example.org>, in the
microsoft.public.windows.server.security news group, Dave
> I was under the impression that even if you do build a stand alone root ca
> that you still have to connect it periocially to update the CRLs?
You need to turn it on periodically to issue an updated CRL, however,
you do not need to attach it to a network to do so. Copy the updated CRL
to a floppy or a USB device and then take that to a member computer and
publish it from there.
-- Paul Adare "On two occasions, I have been asked [by members of Parliament], 'Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able to rightly apprehend the kind of confusion of ideas that could provoke such a question." -- Charles Babbage (1791-1871)