On Tue, May 13, 2008 at 07:38:27PM +0000, Sam Morris wrote: > On Tue, 13 May 2008 21:29:53 +0200, Vincent Bernat wrote: > > > - It seems that firefox does not handle CRL unless manually imported, > > correct? This means that in most cases already issued certificates > > are still vulnerable even revoked. A quick look seems to show that > > most software do not handle CRL at all. > > Yes, x509 is fundamentally broken in the first place. >
and how! see http://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt for more in this vein. I never tire of reading that file ... Regards, Paddy -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
