Re: CRLOverlap Question
hi,
thanks.
and there's really no way to change that behavior ?
mario
"Chipeater" <david.wozny@xxxxxxxxx> wrote in message
news:ecf80004-a3b0-4b2c-99ab-bbed60a3ff25@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi Mario,
The CRL overlap validity period cannot be a value greater than the CRL
base validity period (shame) - if you configure it to be longer it
just gets trimmed to the same value as the base CRL.
Dave
.
Relevant Pages
- Re: CRL publish & validity times..
... Can you provide the CA cert and CRL ... > following registry entries on my CA: ... >>present in Windows 2003 CA's registry key. ... >>>> validity period of the CRL is extended from the publish ...
(microsoft.public.security) - Re: CRL publish & validity times..
... Windows 2000 CA? ... present in Windows 2003 CA's registry key. ... >The CA crl publicatio is controlled by the following ... >> and the validity period of a CRL. ...
(microsoft.public.security) - CRL publish & validity times..
... MS Certificate Authority's documentation has following on ... and the validity period of a CRL. ... information about these registry entries. ...
(microsoft.public.security) - Re: CRL publish & validity times..
... CRLDeltaPeriodUnits REG_DWORD = 1 ... valid old CRL that has not yet expired ... the> validity period of the CRL is extended from the publish> period to allow for Active Directory replication. ... > validity period....There are registry entries which allow> an administrator to control the variance between publish> period and validity period to allow for slower directory> replication. ...
(microsoft.public.security) - Re: Problem with IIS5 - "expired" CRLs not working?
... > validity period of the CRL in the ICA, but unfortunately, have failed. ... > because the assumption was that IIS would actually obey the CRL validity ... > continue to merrily allow connections from clients. ...
(microsoft.public.platformsdk.security) |
|
