* Vincent Deffontaines: > 1) What are those .crl files used for?
These are Certificate Revocation Lists. They are essential for the operation of a PKI, especially a global one with lose registration checks. > Maybe they could be used to "corrupt" actual browser's certs? There whole purpose is to destroy certificates so that further use is impossible. It's necessary when the CA discovers that it has wrongly issued a certificate, or when the CA customer compromises its private key. If you want to block those CRL requests, please read the license that governs the use of those certificates first. In some cases, you MUST fetch and process that CRL data. -- Current mail filters: many dial-up/DSL/cable modem hosts, and the following domains: bigpond.com, di-ve.com, fuorissimo.com, hotmail.com, jumpy.it, libero.it, netscape.net, postino.it, simplesnet.pt, spymac.com, tiscali.co.uk, tiscali.cz, tiscali.it, voila.fr, yahoo.com.
