> What support will be available in future releases (0.9.7?) of OpenSSL for > retrieving and caching CRL's from CRL Distribution points? What protocols > will be supported? HTTP, HTTPS, FTP, LDAP?
Um, your code? Last time I checked, 0.9.7 had limited support for CRLs. The CRLs have to be preloaded; there's no support for alternate signers; there's no support for fetching CDPs (although you *can* parse them and fetch them yourself). Since the OpenSSL X509_STORE cache is static, there's also no refresh logic. None of this is a complaint, btw; it was surprisingly easy to graft support for CRLs and CDPs onto the outside of the OpenSSL verifier. -- Harald Koch <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
