Hi, given the recent Comodo problem I was looking how OpenSSL handles certificate revocation and found good information here:
using OCSP http://etutorials.org/Programming/secure+programming/Chapter+10.+Public+Key+Infrastructure/10.12+Checking+Revocation+Status+via+OCSP+with+OpenSSL/ using CRL http://etutorials.org/Programming/secure+programming/Chapter+10.+Public+Key+Infrastructure/10.10+Obtaining+Certificate+Revocation+Lists+with+OpenSSL/ Now thats a lot of code that must be implemented in the client - I am wondering how many clients do in fact implement it? Richard --- Name and OpenPGP keys available from pgp key servers -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
